CVE-2022-35957 - OpenCVE

Grafana is an open-source platform for monitoring and observability. Versions prior to 9.1.6 and 8.5.13 are vulnerable to an escalation from admin to server admin when auth proxy is used, allowing an admin to take over the server admin account and gain full control of the grafana instance. All installations should be upgraded as soon as possible. As a workaround deactivate auth proxy following the instructions at: https://grafana.com/docs/grafana/latest/setup-grafana/configure-security/configure-authentication/auth-proxy/

Attack Vector Network

Attack Complexity High

Privileges Required High

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

Vendors & Products
CPE Configurations

Vendors	Products
Fedoraproject	Fedora
Grafana	Grafana

Configuration 1 [-]

OR	cpe:2.3:a:grafana:grafana::::::::
	cpe:2.3:a:grafana:grafana::::::::
	cpe:2.3:a:grafana:grafana::::::::

Configuration 2 [-]

cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*

References

Link	Resource
https://github.com/grafana/grafana/security/advisories/GHSA-ff5c-938w-8c9q	Vendor Advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WYU5C2RITLHVZSTCWNGQWA6KSPYNXM2H/
https://security.netapp.com/advisory/ntap-20221215-0001/	Third Party Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: GitHub_M

Published: 2022-09-20T00:00:00

Updated: 2022-12-15T00:00:00

Reserved: 2022-07-15T00:00:00

Link: CVE-2022-35957

JSON object: View

NVD Information

Status : Modified

Published: 2022-09-20T23:15:09.457

Modified: 2023-11-07T03:49:28.103

Link: CVE-2022-35957

JSON object: View

Redhat Information

No data.

CWE

CWE-290

{"dataType": "CVE_RECORD", "dataVersion": "5.0", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2022-35957", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "dateUpdated": "2022-12-15T00:00:00", "dateReserved": "2022-07-15T00:00:00", "datePublished": "2022-09-20T00:00:00"}, "containers": {"cna": {"title": "Authentication Bypass in Grafana via auth proxy allowing escalation from admin to server admin", "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2022-12-15T00:00:00"}, "descriptions": [{"lang": "en", "value": "Grafana is an open-source platform for monitoring and observability. Versions prior to 9.1.6 and 8.5.13 are vulnerable to an escalation from admin to server admin when auth proxy is used, allowing an admin to take over the server admin account and gain full control of the grafana instance. All installations should be upgraded as soon as possible. As a workaround deactivate auth proxy following the instructions at: https://grafana.com/docs/grafana/latest/setup-grafana/configure-security/configure-authentication/auth-proxy/"}], "affected": [{"vendor": "grafana", "product": "grafana", "versions": [{"version": "> 9.0.0, < 9.1.6", "status": "affected"}, {"version": "< 8.5.13", "status": "affected"}]}], "references": [{"url": "https://github.com/grafana/grafana/security/advisories/GHSA-ff5c-938w-8c9q"}, {"name": "FEDORA-2022-2eb4418018", "tags": ["vendor-advisory"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WYU5C2RITLHVZSTCWNGQWA6KSPYNXM2H/"}, {"url": "https://security.netapp.com/advisory/ntap-20221215-0001/"}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", "attackVector": "NETWORK", "attackComplexity": "HIGH", "privilegesRequired": "HIGH", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseScore": 6.6, "baseSeverity": "MEDIUM"}}], "problemTypes": [{"descriptions": [{"type": "CWE", "lang": "en", "description": "CWE-290: Authentication Bypass by Spoofing", "cweId": "CWE-290"}]}], "source": {"advisory": "GHSA-ff5c-938w-8c9q", "discovery": "UNKNOWN"}}}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*", "matchCriteriaId": "60D90629-8174-4FC3-8D43-17655EF93F5E", "versionEndExcluding": "8.5.13", "vulnerable": true}, {"criteria": "cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*", "matchCriteriaId": "FD0963EA-4EDA-417B-9CF2-609E4157AD8C", "versionEndExcluding": "9.0.9", "versionStartIncluding": "9.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*", "matchCriteriaId": "E40D636D-3D90-46E1-84F2-13F186F55DB7", "versionEndExcluding": "9.1.6", "versionStartIncluding": "9.1.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*", "matchCriteriaId": "E30D0E6F-4AE8-4284-8716-991DFA48CC5D", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Grafana is an open-source platform for monitoring and observability. Versions prior to 9.1.6 and 8.5.13 are vulnerable to an escalation from admin to server admin when auth proxy is used, allowing an admin to take over the server admin account and gain full control of the grafana instance. All installations should be upgraded as soon as possible. As a workaround deactivate auth proxy following the instructions at: https://grafana.com/docs/grafana/latest/setup-grafana/configure-security/configure-authentication/auth-proxy/"}, {"lang": "es", "value": "Grafana es una plataforma de c\u00f3digo abierto para la monitorizaci\u00f3n y la observabilidad. Las versiones anteriores a 9.1.6 y 8.5.13, son vulnerables a una escalada de admin a server admin cuando es usado auth proxy, lo que permite a un admin tomar la cuenta de server admin y obtener el control total de la instancia de grafana. Todas las instalaciones deben ser actualizadas tan pronto como sea posible. Como mitigaci\u00f3n, desactive el proxy de autenticaci\u00f3n siguiendo las instrucciones en: https://grafana.com/docs/grafana/latest/setup-grafana/configure-security/configure-authentication/auth-proxy/"}], "id": "CVE-2022-35957", "lastModified": "2023-11-07T03:49:28.103", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.6, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 0.7, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.6, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 0.7, "impactScore": 5.9, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2022-09-20T23:15:09.457", "references": [{"source": "security-advisories@github.com", "tags": ["Vendor Advisory"], "url": "https://github.com/grafana/grafana/security/advisories/GHSA-ff5c-938w-8c9q"}, {"source": "security-advisories@github.com", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WYU5C2RITLHVZSTCWNGQWA6KSPYNXM2H/"}, {"source": "security-advisories@github.com", "tags": ["Third Party Advisory"], "url": "https://security.netapp.com/advisory/ntap-20221215-0001/"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-290"}], "source": "security-advisories@github.com", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-290"}], "source": "nvd@nist.gov", "type": "Secondary"}]}