Vulnerabilities > Grafana > Grafana > 9.4.0

DATE CVE VULNERABILITY TITLE RISK
2024-03-07 CVE-2024-1442 Unspecified vulnerability in Grafana
A user with the permissions to create a data source can use Grafana API to create a data source with UID set to *. Doing this will grant the user access to read, query, edit and delete all data sources within the organization.
network
low complexity
grafana
8.8
8.8
2023-10-17 CVE-2023-4399 Unspecified vulnerability in Grafana
Grafana is an open-source platform for monitoring and observability.
network
low complexity
grafana
7.2
7.2
2023-10-16 CVE-2023-4822 Unspecified vulnerability in Grafana
Grafana is an open-source platform for monitoring and observability.
network
low complexity
grafana
7.2
7.2
2023-06-22 CVE-2023-3128 Authentication Bypass by Spoofing vulnerability in Grafana
Grafana is validating Azure AD accounts based on the email claim.
network
low complexity
grafana CWE-290
critical
 9.8
9.8
2023-06-06 CVE-2023-2183 Missing Authorization vulnerability in Grafana
Grafana is an open-source platform for monitoring and observability.
network
low complexity
grafana CWE-862
6.4
6.4
2023-06-06 CVE-2023-2801 Improper Synchronization vulnerability in Grafana
Grafana is an open-source platform for monitoring and observability.
network
high complexity
grafana CWE-662
5.3
5.3
2023-04-26 CVE-2023-1387 Unspecified vulnerability in Grafana
Grafana is an open-source platform for monitoring and observability.
network
low complexity
grafana
7.5
7.5