CVE-2022-31097 - OpenCVE

Grafana is an open-source platform for monitoring and observability. Versions on the 8.x and 9.x branch prior to 9.0.3, 8.5.9, 8.4.10, and 8.3.10 are vulnerable to stored cross-site scripting via the Unified Alerting feature of Grafana. An attacker can exploit this vulnerability to escalate privilege from editor to admin by tricking an authenticated admin to click on a link. Versions 9.0.3, 8.5.9, 8.4.10, and 8.3.10 contain a patch. As a workaround, it is possible to disable alerting or use legacy alerting.

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Changed

Confidentiality Impact High

Integrity Impact High

Availability Impact None

User Interaction Required

No CVSS v3.0

No CVSS v2

Vendors & Products
CPE Configurations

Vendors	Products
Netapp	E-series Performance Analyzer
Grafana	Grafana

Configuration 1 [-]

OR	cpe:2.3:a:grafana:grafana::::::::
	cpe:2.3:a:grafana:grafana::::::::
	cpe:2.3:a:grafana:grafana::::::::
	cpe:2.3:a:grafana:grafana::::::::

Configuration 2 [-]

cpe:2.3:a:netapp:e-series_performance_analyzer:-:*:*:*:*:*:*:*

References

Link	Resource
https://github.com/grafana/grafana/security/advisories/GHSA-vw7q-p2qg-4m5f	Release Notes Third Party Advisory
https://grafana.com/docs/grafana/latest/release-notes/release-notes-8-5-9/	Release Notes Vendor Advisory
https://grafana.com/docs/grafana/latest/release-notes/release-notes-9-0-3/	Release Notes Vendor Advisory
https://grafana.com/docs/grafana/next/release-notes/release-notes-8-4-10/	Release Notes Vendor Advisory
https://security.netapp.com/advisory/ntap-20220901-0010/	Third Party Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: GitHub_M

Published: 2022-07-15T12:10:10

Updated: 2022-09-01T13:06:34

Reserved: 2022-05-18T00:00:00

Link: CVE-2022-31097

JSON object: View

NVD Information

Status : Analyzed

Published: 2022-07-15T12:15:08.903

Modified: 2022-11-23T14:24:29.260

Link: CVE-2022-31097

JSON object: View

Redhat Information

No data.

CWE

CWE-79

{"containers": {"cna": {"affected": [{"product": "grafana", "vendor": "grafana", "versions": [{"status": "affected", "version": ">= 9.0.0, < 9.0.3"}, {"status": "affected", "version": ">= 8.5.0, < 8.5.9"}, {"status": "affected", "version": ">= 8.4.0, < 8.4.10"}, {"status": "affected", "version": ">= 8.0.0, < 8.3.10"}]}], "descriptions": [{"lang": "en", "value": "Grafana is an open-source platform for monitoring and observability. Versions on the 8.x and 9.x branch prior to 9.0.3, 8.5.9, 8.4.10, and 8.3.10 are vulnerable to stored cross-site scripting via the Unified Alerting feature of Grafana. An attacker can exploit this vulnerability to escalate privilege from editor to admin by tricking an authenticated admin to click on a link. Versions 9.0.3, 8.5.9, 8.4.10, and 8.3.10 contain a patch. As a workaround, it is possible to disable alerting or use legacy alerting."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.3, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-79", "description": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2022-09-01T13:06:34", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://github.com/grafana/grafana/security/advisories/GHSA-vw7q-p2qg-4m5f"}, {"tags": ["x_refsource_MISC"], "url": "https://grafana.com/docs/grafana/latest/release-notes/release-notes-9-0-3/"}, {"tags": ["x_refsource_MISC"], "url": "https://grafana.com/docs/grafana/next/release-notes/release-notes-8-4-10/"}, {"tags": ["x_refsource_MISC"], "url": "https://grafana.com/docs/grafana/latest/release-notes/release-notes-8-5-9/"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://security.netapp.com/advisory/ntap-20220901-0010/"}], "source": {"advisory": "GHSA-vw7q-p2qg-4m5f", "discovery": "UNKNOWN"}, "title": "Stored XSS in Grafana's Unified Alerting", "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security-advisories@github.com", "ID": "CVE-2022-31097", "STATE": "PUBLIC", "TITLE": "Stored XSS in Grafana's Unified Alerting"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "grafana", "version": {"version_data": [{"version_value": ">= 9.0.0, < 9.0.3"}, {"version_value": ">= 8.5.0, < 8.5.9"}, {"version_value": ">= 8.4.0, < 8.4.10"}, {"version_value": ">= 8.0.0, < 8.3.10"}]}}]}, "vendor_name": "grafana"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Grafana is an open-source platform for monitoring and observability. Versions on the 8.x and 9.x branch prior to 9.0.3, 8.5.9, 8.4.10, and 8.3.10 are vulnerable to stored cross-site scripting via the Unified Alerting feature of Grafana. An attacker can exploit this vulnerability to escalate privilege from editor to admin by tricking an authenticated admin to click on a link. Versions 9.0.3, 8.5.9, 8.4.10, and 8.3.10 contain a patch. As a workaround, it is possible to disable alerting or use legacy alerting."}]}, "impact": {"cvss": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.3, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')"}]}]}, "references": {"reference_data": [{"name": "https://github.com/grafana/grafana/security/advisories/GHSA-vw7q-p2qg-4m5f", "refsource": "CONFIRM", "url": "https://github.com/grafana/grafana/security/advisories/GHSA-vw7q-p2qg-4m5f"}, {"name": "https://grafana.com/docs/grafana/latest/release-notes/release-notes-9-0-3/", "refsource": "MISC", "url": "https://grafana.com/docs/grafana/latest/release-notes/release-notes-9-0-3/"}, {"name": "https://grafana.com/docs/grafana/next/release-notes/release-notes-8-4-10/", "refsource": "MISC", "url": "https://grafana.com/docs/grafana/next/release-notes/release-notes-8-4-10/"}, {"name": "https://grafana.com/docs/grafana/latest/release-notes/release-notes-8-5-9/", "refsource": "MISC", "url": "https://grafana.com/docs/grafana/latest/release-notes/release-notes-8-5-9/"}, {"name": "https://security.netapp.com/advisory/ntap-20220901-0010/", "refsource": "CONFIRM", "url": "https://security.netapp.com/advisory/ntap-20220901-0010/"}]}, "source": {"advisory": "GHSA-vw7q-p2qg-4m5f", "discovery": "UNKNOWN"}}}}, "cveMetadata": {"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2022-31097", "datePublished": "2022-07-15T12:10:10", "dateReserved": "2022-05-18T00:00:00", "dateUpdated": "2022-09-01T13:06:34", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*", "matchCriteriaId": "38231605-A82E-4D32-893D-69A2FE01F808", "versionEndExcluding": "8.3.10", "versionStartIncluding": "8.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*", "matchCriteriaId": "A5136FB0-D7F8-4BDD-9C70-CB2648065A1F", "versionEndExcluding": "8.4.10", "versionStartIncluding": "8.4.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*", "matchCriteriaId": "7C2FAADE-D9EA-431C-ACFA-9F846F14B5A2", "versionEndExcluding": "8.5.9", "versionStartIncluding": "8.5.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*", "matchCriteriaId": "A29E8B3E-D3A9-49A4-ABCD-4E87F8B527DD", "versionEndExcluding": "9.0.3", "versionStartIncluding": "9.0.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:netapp:e-series_performance_analyzer:-:*:*:*:*:*:*:*", "matchCriteriaId": "24B8DB06-590A-4008-B0AB-FCD1401C77C6", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Grafana is an open-source platform for monitoring and observability. Versions on the 8.x and 9.x branch prior to 9.0.3, 8.5.9, 8.4.10, and 8.3.10 are vulnerable to stored cross-site scripting via the Unified Alerting feature of Grafana. An attacker can exploit this vulnerability to escalate privilege from editor to admin by tricking an authenticated admin to click on a link. Versions 9.0.3, 8.5.9, 8.4.10, and 8.3.10 contain a patch. As a workaround, it is possible to disable alerting or use legacy alerting."}, {"lang": "es", "value": "Grafana es una plataforma de c\u00f3digo abierto para la monitorizaci\u00f3n y la observaci\u00f3n. Las versiones de la rama 8.x y 9.x anteriores a 9.0.3, 8.5.6, 8.4.10 y 8.3.10, son vulnerables a un ataque de tipo cross-site scripting almacenado por medio de la funci\u00f3n Unified Alerting de Grafana. Un atacante puede explotar esta vulnerabilidad para escalar el privilegio de editor a administrador al enga\u00f1ar a un administrador autenticado para que haga clic en un enlace. Las versiones 9.0.3, 8.5.6, 8.4.10 y 8.3.10 contienen un parche. Como mitigaci\u00f3n, es posible deshabilitar las alertas o usar las alertas heredadas"}], "id": "CVE-2022-31097", "lastModified": "2022-11-23T14:24:29.260", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 8.7, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 2.3, "impactScore": 5.8, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.3, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 2.1, "impactScore": 5.2, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2022-07-15T12:15:08.903", "references": [{"source": "security-advisories@github.com", "tags": ["Release Notes", "Third Party Advisory"], "url": "https://github.com/grafana/grafana/security/advisories/GHSA-vw7q-p2qg-4m5f"}, {"source": "security-advisories@github.com", "tags": ["Release Notes", "Vendor Advisory"], "url": "https://grafana.com/docs/grafana/latest/release-notes/release-notes-8-5-9/"}, {"source": "security-advisories@github.com", "tags": ["Release Notes", "Vendor Advisory"], "url": "https://grafana.com/docs/grafana/latest/release-notes/release-notes-9-0-3/"}, {"source": "security-advisories@github.com", "tags": ["Release Notes", "Vendor Advisory"], "url": "https://grafana.com/docs/grafana/next/release-notes/release-notes-8-4-10/"}, {"source": "security-advisories@github.com", "tags": ["Third Party Advisory"], "url": "https://security.netapp.com/advisory/ntap-20220901-0010/"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-79"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-79"}], "source": "security-advisories@github.com", "type": "Secondary"}]}