CVE-2023-1387: Infoleak
First published: Wed Apr 12 2023(Updated: )
Grafana is an open-source platform for monitoring and observability. Starting with the 9.1 branch, Grafana introduced the ability to search for a JWT in the URL query parameter auth_token and use it as the authentication token. By enabling the "url_login" configuration option (disabled by default), a JWT might be sent to data sources. If an attacker has access to the data source, the leaked token could be used to authenticate to Grafana.
Credit: security@grafana.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| redhat/grafana | <9.5.0 | 9.5.0 |
| Grafana Labs Grafana OSS and Enterprise | >=9.1.0<9.2.17 | |
| Grafana Labs Grafana OSS and Enterprise | >=9.3.0<9.3.13 | |
| Grafana Labs Grafana OSS and Enterprise | >=9.4.0<9.4.9 | |
| >=9.1.0<9.2.17 | ||
| >=9.3.0<9.3.13 | ||
| >=9.4.0<9.4.9 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://github.com/grafana/bugbounty/security/advisories/GHSA-5585-m9r5-p86j
- https://grafana.com/security/security-advisories/cve-2023-1387/
- https://security.netapp.com/advisory/ntap-20230609-0003/
- https://grafana.com/docs/grafana/latest/setup-grafana/configure-security/configure-authentication/jwt/?mkt_tok=MzU2LVlGRy0zODkAAAGLFetKhj7bubnwJdat7dsOUsknnKYqQ9qYPFzMoSlKt-Q2six9bJNYh9F9jYhkMcc7sxu_Zgchs7ypuWq1wvGij0ouoSHS40eCT0UURdmmvRo#url-login
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=2203041
- https://access.redhat.com/errata/RHSA-2023:7741
- https://access.redhat.com/errata/RHSA-2024:0746
- https://bugzilla.redhat.com/show_bug.cgi?id=2186322
Frequently Asked Questions
What is the vulnerability ID for this Grafana vulnerability?
The vulnerability ID for this Grafana vulnerability is CVE-2023-1387.
What is the description of this Grafana vulnerability?
Grafana introduced the ability to search for a JWT in the URL query parameter auth_token and use it as the authentication token, which can be exploited by an attacker.
What is the severity of CVE-2023-1387?
The severity of CVE-2023-1387 is high.
How can an attacker exploit this vulnerability?
An attacker can exploit this vulnerability by searching for a JWT in the URL query parameter auth_token and using it as the authentication token.
Are there any references for CVE-2023-1387?
Yes, there are references for CVE-2023-1387. You can find them at the following links: [link1](https://github.com/grafana/bugbounty/security/advisories/GHSA-5585-m9r5-p86j), [link2](https://grafana.com/security/security-advisories/cve-2023-1387/), [link3](https://security.netapp.com/advisory/ntap-20230609-0003/).
- agent/type
- agent/first-publish-date
- agent/weakness
- agent/author
- agent/description
- agent/references
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2023-1387
- agent/software-canonical-lookup
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/last-modified-date
- agent/event
- agent/source
- collector/nvd-index
- agent/software-canonical-lookup-request
- agent/softwarecombine
- agent/tags
- collector/nvd-api
- source/NVD
- package-manager/redhat
- vendor/grafana
- canonical/grafana labs grafana oss and enterprise
- version/grafana labs grafana oss and enterprise/9.1.0
- version/grafana labs grafana oss and enterprise/9.3.0
- version/grafana labs grafana oss and enterprise/9.4.0