Vulnerabilities > CVE-2024-1442

CVSS 8.8 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

NVD

Published: 2024-03-07

Updated: 2025-03-11

Summary

A user with the permissions to create a data source can use Grafana API to create a data source with UID set to *. Doing this will grant the user access to read, query, edit and delete all data sources within the organization.

References

https://grafana.com/security/security-advisories/cve-2024-1442/
https://grafana.com/security/security-advisories/cve-2024-1442/
https://security.netapp.com/advisory/ntap-20241122-0007/

Vulnerabilities > CVE-2024-1442 {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"CVE-2024-1442"}]}

Summary

References

Vulnerabilities > CVE-2024-1442