CVE-2022-35957: Authentication Bypass in Grafana via auth proxy allowing escalation from admin to server admin
First published: Fri Sep 09 2022(Updated: )
A flaw was found in the grafana package. Auth proxy allows authentication of a user by only providing the username (or email) in an X-WEBAUTH-USER HTTP header. The trust assumption is that a front proxy will take care of authentication and that the Grafana server is only publicly reachable with this front proxy.
Credit: security-advisories@github.com security-advisories@github.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| redhat/grafana | <0:9.0.9-2.el9 | 0:9.0.9-2.el9 |
| Grafana Grafana | <8.5.13 | |
| Grafana Grafana | >=9.0.0<9.0.9 | |
| Grafana Grafana | >=9.1.0<9.1.6 | |
| Fedoraproject Fedora | =37 | |
| redhat/grafana | <9.1.6 | 9.1.6 |
| redhat/grafana | <9.0.9 | 9.0.9 |
| redhat/grafana | <8.5.13 | 8.5.13 |
| go/github.com/grafana/grafana | <8.5.13 | 8.5.13 |
| go/github.com/grafana/grafana | >=9.0.0<9.0.9 | 9.0.9 |
| go/github.com/grafana/grafana | >=9.1.0<9.1.6 | 9.1.6 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://www.cve.org/CVERecord?id=CVE-2022-35957 https://nvd.nist.gov/vuln/detail/CVE-2022-35957 https://github.com/grafana/grafana/security/advisories/GHSA-ff5c-938w-8c9q
- https://bugzilla.redhat.com/show_bug.cgi?id=2125514
- https://access.redhat.com/errata/RHSA-2023:3642
- https://access.redhat.com/errata/RHSA-2023:2167
- https://access.redhat.com/security/cve/cve-2022-35957
- https://github.com/grafana/grafana/security/advisories/GHSA-ff5c-938w-8c9q
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WYU5C2RITLHVZSTCWNGQWA6KSPYNXM2H/
- https://security.netapp.com/advisory/ntap-20221215-0001/
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=2128565
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WYU5C2RITLHVZSTCWNGQWA6KSPYNXM2H/
- https://nvd.nist.gov/vuln/detail/CVE-2022-35957
- https://github.com/advisories/GHSA-ff5c-938w-8c9q (Advisory)
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WYU5C2RITLHVZSTCWNGQWA6KSPYNXM2H
- https://security.netapp.com/advisory/ntap-20221215-0001
Frequently Asked Questions
What is CVE-2022-35957?
CVE-2022-35957 is a vulnerability in the grafana package that allows an authenticated admin user to escalate privileges to server admin and gain full control of the grafana instance.
Which versions of grafana are affected by CVE-2022-35957?
Versions prior to 9.1.6 and 8.5.13 of grafana are affected by CVE-2022-35957.
How can an admin exploit CVE-2022-35957?
An admin can exploit CVE-2022-35957 by using auth proxy and escalating their privileges to server admin, gaining full control of the grafana instance.
What is the severity of CVE-2022-35957?
CVE-2022-35957 has a severity value of 6.6, which is considered medium.
Is there a fix available for CVE-2022-35957?
Yes, upgrading to version 9.1.6 or 8.5.13 of grafana will fix the vulnerability CVE-2022-35957.
- collector/redhat-cve
- collector/nvd-index
- agent/type
- agent/first-publish-date
- agent/weakness
- agent/severity
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2022-35957
- agent/software-canonical-lookup
- agent/softwarecombine
- agent/description
- collector/nvd-cve
- source/NVD
- agent/author
- collector/github-advisory-latest
- source/GitHub
- alias/GHSA-ff5c-938w-8c9q
- agent/references
- collector/github-advisory
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/title
- agent/tags
- agent/event
- package-manager/redhat
- vendor/grafana
- canonical/grafana grafana
- version/grafana grafana/9.0.0
- version/grafana grafana/9.1.0
- vendor/fedoraproject
- canonical/fedoraproject fedora
- version/fedoraproject fedora/37
- package-manager/go