BIT-grafana-2024-8118

See a problem?
Import Source
https://github.com/bitnami/vulndb/tree/main/data/grafana/BIT-grafana-2024-8118.json
JSON Data
https://api.osv.dev/v1/vulns/BIT-grafana-2024-8118
Aliases
  • CVE-2024-8118
Published
2024-09-30T08:53:49.537Z
Modified
2024-09-30T09:58:05.286909Z
Summary
[none]
Details

In Grafana, the wrong permission is applied to the alert rule write API endpoint, allowing users with permission to write external alert instances to also write alert rules.

References

Affected packages

Bitnami / grafana

Package

Name
grafana
Purl
pkg:bitnami/grafana

Affected ranges

Type
SEMVER
Events
Introduced
8.5.0
Fixed
10.3.10
Introduced
10.4.0
Fixed
10.4.9
Introduced
11.0.0
Fixed
11.0.5
Introduced
11.1.0
Fixed
11.1.6
Introduced
11.2.0
Fixed
11.2.1