BIT-grafana-2024-11741

See a problem?
Import Source
https://github.com/bitnami/vulndb/tree/main/data/grafana/BIT-grafana-2024-11741.json
JSON Data
https://api.osv.dev/v1/vulns/BIT-grafana-2024-11741
Aliases
Published
2025-02-04T07:14:17.715Z
Modified
2025-02-04T22:42:02.888950Z
Summary
[none]
Details

Grafana is an open-source platform for monitoring and observability. The Grafana Alerting VictorOps integration was not properly protected and could be exposed to users with Viewer permission. Fixed in versions 11.5.0, 11.4.1, 11.3.3,  11.2.6, 11.1.11, 11.0.11 and 10.4.15

Database specific
{
    "cpes": [
        "cpe:2.3:a:grafana:grafana:*:*:*:*:*:go:*:*"
    ],
    "severity": "Medium"
}
References

Affected packages

Bitnami / grafana

Package

Name
grafana
Purl
pkg:bitnami/grafana

Severity

  • 4.3 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N CVSS Calculator

Affected ranges

Type
SEMVER
Events
Introduced
11.4.0
Fixed
11.4.1
Introduced
11.3.0
Fixed
11.3.3
Introduced
11.2.0
Fixed
11.2.6
Introduced
11.1.0
Fixed
11.1.11
Introduced
10.4.0
Fixed
10.4.15