CVE-2023-1410 - OpenCVE

Grafana is an open-source platform for monitoring and observability. Grafana had a stored XSS vulnerability in the Graphite FunctionDescription tooltip. The stored XSS vulnerability was possible due the value of the Function Description was not properly sanitized. An attacker needs to have control over the Graphite data source in order to manipulate a function description and a Grafana admin needs to configure the data source, later a Grafana user needs to select a tampered function and hover over the description. Users may upgrade to version 8.5.22, 9.2.15 and 9.3.11 to receive a fix.

Attack Vector Network

Attack Complexity Low

Privileges Required High

Scope Changed

Confidentiality Impact Low

Integrity Impact Low

Availability Impact None

User Interaction Required

No CVSS v3.0

No CVSS v2

Vendors & Products
CPE Configurations

Vendors	Products
Grafana	Grafana

Configuration 1 [-]

OR	cpe:2.3:a:grafana:grafana::::::::
	cpe:2.3:a:grafana:grafana::::::::
	cpe:2.3:a:grafana:grafana::::::::

References

Link	Resource
https://github.com/grafana/bugbounty/security/advisories/GHSA-qrrg-gw7w-vp76	Exploit Vendor Advisory
https://grafana.com/security/security-advisories/cve-2023-1410/	Vendor Advisory
https://security.netapp.com/advisory/ntap-20230420-0003/

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: GRAFANA

Published: 2023-03-23T07:48:56.246Z

Updated: 2023-04-04T10:16:07.471Z

Reserved: 2023-03-15T11:11:52.860Z

Link: CVE-2023-1410

JSON object: View

NVD Information

Status : Modified

Published: 2023-03-23T08:15:12.470

Modified: 2023-04-20T09:15:09.380

Link: CVE-2023-1410

JSON object: View

Redhat Information

No data.

CWE

CWE-79

{"dataType": "CVE_RECORD", "dataVersion": "5.0", "cveMetadata": {"cveId": "CVE-2023-1410", "assignerOrgId": "57da9224-a3e2-4646-9d0e-c4dc2e05e7da", "state": "PUBLISHED", "assignerShortName": "GRAFANA", "dateReserved": "2023-03-15T11:11:52.860Z", "datePublished": "2023-03-23T07:48:56.246Z", "dateUpdated": "2023-04-04T10:16:07.471Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "Grafana", "vendor": "Grafana", "versions": [{"lessThan": "8.5.22", "status": "affected", "version": "8.0.0", "versionType": "semver"}, {"lessThan": "9.2.15", "status": "affected", "version": "9.0.0", "versionType": "semver"}, {"lessThan": "9.3.11", "status": "affected", "version": "9.3.0", "versionType": "semver"}]}, {"defaultStatus": "unaffected", "product": "Grafana Enterprise", "vendor": "Grafana", "versions": [{"lessThan": "8.5.22", "status": "affected", "version": "8.0.0", "versionType": "semver"}, {"lessThan": "9.2.15", "status": "affected", "version": "9.0.0", "versionType": "semver"}, {"lessThan": "9.3.11", "status": "affected", "version": "9.3.0", "versionType": "semver"}]}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<p>Grafana is an open-source platform for monitoring and observability. </p><p>Grafana had a stored XSS vulnerability in the Graphite FunctionDescription tooltip. </p><p>The stored XSS vulnerability was possible due the value of the Function Description was not properly sanitized.</p><p>An attacker needs to have control over the Graphite data source in order to manipulate a function description and a Grafana admin needs to configure the data source, later a Grafana user needs to select a tampered function and hover over the description. </p><p> Users may upgrade to version 8.5.22, 9.2.15 and 9.3.11 to receive a fix. </p><p></p><div></div><div><br></div><p></p>"}], "value": "Grafana is an open-source platform for monitoring and observability.\u00a0\n\nGrafana had a stored XSS vulnerability in the Graphite FunctionDescription tooltip. \n\nThe stored XSS vulnerability was possible due the value of the Function Description was not properly sanitized.\n\nAn attacker needs to have control over the Graphite data source in order to manipulate a function description and a Grafana admin needs to configure the data source, later a Grafana user needs to select a tampered function and hover over the description.\u00a0\n\n Users may upgrade to version 8.5.22, 9.2.15 and 9.3.11 to receive a fix. \n\n\n\n\n\n\n\n\n\n\n"}], "impacts": [{"capecId": "CAPEC-592", "descriptions": [{"lang": "en", "value": "CAPEC-592"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.2, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:H/I:L/A:N", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-79", "description": "CWE-79", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "57da9224-a3e2-4646-9d0e-c4dc2e05e7da", "shortName": "GRAFANA", "dateUpdated": "2023-04-04T10:16:07.471Z"}, "references": [{"url": "https://grafana.com/security/security-advisories/cve-2023-1410/"}, {"url": "https://github.com/grafana/bugbounty/security/advisories/GHSA-qrrg-gw7w-vp76"}, {"url": "https://security.netapp.com/advisory/ntap-20230420-0003/"}], "source": {"discovery": "UNKNOWN"}, "title": "Stored XSS in Graphite FunctionDescription tooltip", "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*", "matchCriteriaId": "F7482331-D381-4704-BF90-060DB1E279C1", "versionEndExcluding": "8.5.22", "versionStartIncluding": "8.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*", "matchCriteriaId": "79D0AE4D-AD37-45A8-A84B-FE675F2D2943", "versionEndExcluding": "9.2.15", "versionStartIncluding": "9.2.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*", "matchCriteriaId": "3D6B0083-7414-4C30-9C14-B4C4784F79DB", "versionEndExcluding": "9.3.11", "versionStartExcluding": "9.3.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Grafana is an open-source platform for monitoring and observability.\u00a0\n\nGrafana had a stored XSS vulnerability in the Graphite FunctionDescription tooltip. \n\nThe stored XSS vulnerability was possible due the value of the Function Description was not properly sanitized.\n\nAn attacker needs to have control over the Graphite data source in order to manipulate a function description and a Grafana admin needs to configure the data source, later a Grafana user needs to select a tampered function and hover over the description.\u00a0\n\n Users may upgrade to version 8.5.22, 9.2.15 and 9.3.11 to receive a fix. \n\n\n\n\n\n\n\n\n\n\n"}], "id": "CVE-2023-1410", "lastModified": "2023-04-20T09:15:09.380", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 1.7, "impactScore": 2.7, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.2, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:H/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 1.0, "impactScore": 4.7, "source": "security@grafana.com", "type": "Secondary"}]}, "published": "2023-03-23T08:15:12.470", "references": [{"source": "security@grafana.com", "tags": ["Exploit", "Vendor Advisory"], "url": "https://github.com/grafana/bugbounty/security/advisories/GHSA-qrrg-gw7w-vp76"}, {"source": "security@grafana.com", "tags": ["Vendor Advisory"], "url": "https://grafana.com/security/security-advisories/cve-2023-1410/"}, {"source": "security@grafana.com", "url": "https://security.netapp.com/advisory/ntap-20230420-0003/"}], "sourceIdentifier": "security@grafana.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-79"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-79"}], "source": "security@grafana.com", "type": "Secondary"}]}