CVE-2023-3128

CVSS 9.4 CRITICALEPSS 4.1%CWE-290

Grafana is validating Azure AD accounts based on the email claim. On Azure AD, the profile email field is not unique and can be easily modified. This leads to account takeover and authentication bypass when Azure AD OAuth is configured with a multi-tenant app.

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L

Productos afectados

Grafana · Grafana Grafana · Grafana Enterprise

PoCs públicas encontradas — 1

githubgithub.com/spyata123/CVE-2023-3128★ 0

⚠ Recursos públicos, para evaluar la exposición de sistemas que controlas o estás autorizado a probar. Prueba solo con autorización.

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

https://github.com/grafana/bugbounty/security/advisories/GHSA-gxh2-6vvc-rrgp https://grafana.com/security/security-advisories/cve-2023-3128/https://security.netapp.com/advisory/ntap-20230714-0004/