CVE-2021-27962

Medium

4.9/10

Summary

Grafana Enterprise 7.2.x and 7.3.x before 7.3.10 and 7.4.x before 7.4.5 allows a dashboard editor to bypass a permission check concerning a data source they should not be able to access.

Access Complexity: MEDIUM
AccessVector: NETWORK
Authentication: SINGLE
Integrity Impact: PARTIAL
Confidentiality Impact: PARTIAL
Availability Impact: NONE

References

Advisory Timeline

Published Mar 22, 2021

CVE-2021-27962

Summary

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS