Grafana is validating Azure AD accounts based on the email claim.
On Azure AD, the profile email field is not unique and can be easily modified.
This leads to account takeover and authentication bypass when Azure AD OAuth is configured with a multi-tenant app.
References
| Link | Resource |
|---|---|
| https://github.com/grafana/bugbounty/security/advisories/GHSA-gxh2-6vvc-rrgp | Vendor Advisory |
| https://grafana.com/security/security-advisories/cve-2023-3128/ | Vendor Advisory |
| https://security.netapp.com/advisory/ntap-20230714-0004/ | Third Party Advisory |
Configurations
Configuration 1 (hide)
|
History
21 Jul 2023, 19:19
| Type | Values Removed | Values Added |
|---|---|---|
| References | (MISC) https://github.com/grafana/bugbounty/security/advisories/GHSA-gxh2-6vvc-rrgp - Vendor Advisory | |
| References | (MISC) https://security.netapp.com/advisory/ntap-20230714-0004/ - Third Party Advisory |
18 Jul 2023, 08:15
| Type | Values Removed | Values Added |
|---|---|---|
| References |
|
06 Jul 2023, 09:15
| Type | Values Removed | Values Added |
|---|---|---|
| References |
|
30 Jun 2023, 17:49
| Type | Values Removed | Values Added |
|---|---|---|
| References | (MISC) https://grafana.com/security/security-advisories/cve-2023-3128/ - Vendor Advisory | |
| CWE | CWE-290 | |
| CVSS |
v2 : v3 : |
v2 : unknown
v3 : 9.8 |
| First Time |
Grafana
Grafana grafana |
|
| CPE | cpe:2.3:a:grafana:grafana:*:*:*:*:-:*:*:* cpe:2.3:a:grafana:grafana:*:*:*:*:enterprise:*:*:* |
22 Jun 2023, 21:15
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2023-06-22 21:15
Updated : 2023-12-10 15:01
NVD link : CVE-2023-3128
Mitre link : CVE-2023-3128
CVE.ORG link : CVE-2023-3128
JSON object : View
Products Affected
grafana
- grafana
CWE
CWE-290
Authentication Bypass by Spoofing