Grafana OnCall is an easy-to-use on-call management tool that will help reduce toil in on-call management through simpler workflows and interfaces that are tailored specifically for engineers.
Grafana OnCall, from version 1.1.37 before 1.5.2 are vulnerable to a Server Side Request Forgery (SSRF) vulnerability in the webhook functionallity.
This issue was fixed in version 1.5.2
References
Link | Resource |
---|---|
https://grafana.com/security/security-advisories/cve-2024-5526/ | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: GRAFANA
Published: 2024-06-05T11:21:06.740Z
Updated: 2024-06-05T13:49:42.734Z
Reserved: 2024-05-30T09:01:00.252Z
Link: CVE-2024-5526
JSON object: View
NVD Information
Status : Analyzed
Published: 2024-06-05T12:15:10.553
Modified: 2024-06-11T17:25:55.677
Link: CVE-2024-5526
JSON object: View
Redhat Information
No data.
CWE