CVE-2018-15727
- Source
- https://cve.org/CVERecord?id=CVE-2018-15727
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-15727.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2018-15727
- Aliases
- Downstream
- Related
- Published
- 2018-08-29T15:29:00.240Z
- Modified
- 2026-04-02T01:38:26.970382Z
- Severity
-
- 9.8 (Critical) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
- Summary
- [none]
- Details
-
Grafana 2.x, 3.x, and 4.x before 4.6.4 and 5.x before 5.2.3 allows authentication bypass because an attacker can generate a valid "remember me" cookie knowing only a username of an LDAP or OAuth user.
- References
Affected packages
Git / github.com/grafana/grafana
Affected ranges
- Type
- GIT
- Repo
- https://github.com/grafana/grafana
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroducedFixedIntroducedFixed
- Database specific
{ "versions": [ { "introduced": "2.0.0" }, { "last_affected": "2.1.2" }, { "introduced": "3.0.0" }, { "last_affected": "3.1.1" }, { "introduced": "4.0.0" }, { "fixed": "4.6.4" }, { "introduced": "5.0.0" }, { "fixed": "5.2.3" } ] }
Affected versions
1.*
1.0.0
6.*
6.1.6
7.*
7.0.0
7.2.1
Other
dupa
list
omgtest
pull
test
vtest-new-release-pipeline
packages@6.*
packages@6.3.0-alpha.33
packages@6.3.0-alpha.36
packages@6.3.0-beta.1
pkg/promlib/v0.*
pkg/promlib/v0.0.1
pkg/promlib/v0.0.10
pkg/promlib/v0.0.2
pkg/promlib/v0.0.3
pkg/promlib/v0.0.4
pkg/promlib/v0.0.5
pkg/promlib/v0.0.6
pkg/promlib/v0.0.7
pkg/promlib/v0.0.8
pkg/promlib/v0.0.9
pkg/util/xorm/v0.*
pkg/util/xorm/v0.0.1
rrc_fast_12.*
rrc_fast_12.2.0-17261372546.patch1
rrc_steady_12.*
rrc_steady_12.2.0-17245430286.patch1
rrc_steady_12.4.0-19174562009.patch4
rrc_steady_13.*
rrc_steady_13.0.0-22843068776.patch2
v0.*
v0.0.0-cloud
v0.0.0-kmdagger1
v0.0.0-kmdagger2
v0.0.0-kmdagger3
v0.0.0-test
v0.0.0-test.2
v0.0.0-testrgm3
v0.0.0-testrgm4
v0.0.0-testrgm6
v0.0.1-test
v0.0.85-test
v1.*
v1.0
v1.0.1
v1.0.2
v1.0.3
v1.0.4
v1.1.0
v1.2.0
v1.3.0
v1.4.0
v1.5.0
v1.5.1
v1.5.2
v1.5.3
v1.5.4
v1.6.0
v1.6.1
v1.7.0
v1.7.0-rc1
v1.8.0
v1.8.0-rc1
v1.8.1
v1.9.0
v1.9.0-rc1
v1.9.1
v10.*
v10.0.0
v10.0.0-preview
v10.0.1
v10.0.10
v10.0.11
v10.0.12
v10.0.13
v10.0.2
v10.0.3
v10.0.4
v10.0.5
v10.0.6
v10.0.8
v10.0.9
v10.1.0
v10.1.1
v10.1.10
v10.1.2
v10.1.4
v10.1.5
v10.1.6
v10.1.7
v10.1.8
v10.1.9
v10.2.0
v10.2.1
v10.2.2
v10.2.3
v10.2.4
v10.2.5
v10.2.6
v10.2.7
v10.2.8
v10.2.9
v10.3.0
v10.3.1
v10.3.10
v10.3.11
v10.3.12
v10.3.3
v10.3.4
v10.3.5
v10.3.6
v10.3.7
v10.3.8
v10.3.9
v10.4.0
v10.4.1
v10.4.10
v10.4.11
v10.4.12
v10.4.13
v10.4.14
v10.4.15
v10.4.16
v10.4.17
v10.4.17+security-01
v10.4.18
v10.4.18+security-01
v10.4.19
v10.4.19+security-01
v10.4.2
v10.4.3
v10.4.4
v10.4.5
v10.4.6
v10.4.7
v10.4.8
v10.4.9
v11.*
v11.0.0
v11.0.0-preview
v11.0.1
v11.0.10
v11.0.11
v11.0.2
v11.0.3
v11.0.4
v11.0.5
v11.0.5+security-01
v11.0.6
v11.0.6+security-01
v11.0.7
v11.0.8
v11.0.9
v11.1.0
v11.1.1
v11.1.10
v11.1.11
v11.1.12
v11.1.13
v11.1.2
v11.1.3
v11.1.4
v11.1.5
v11.1.6
v11.1.6+security-01
v11.1.7
v11.1.7+security-01
v11.1.8
v11.1.9
v11.1.999-zserge-test
v11.2.0
v11.2.1
v11.2.1+security-01
v11.2.10
v11.2.10+security-01
v11.2.2
v11.2.2+security-01
v11.2.3
v11.2.3+security-01
v11.2.4
v11.2.5
v11.2.6
v11.2.7
v11.2.8
v11.2.8+security-01
v11.2.9
v11.2.9+security-01
v11.3.0
v11.3.0+security-01
v11.3.1
v11.3.2
v11.3.3
v11.3.4
v11.3.5
v11.3.5+security-01
v11.3.6
v11.3.6+security-01
v11.3.7
v11.3.7+security-01
v11.3.8
v11.3.8+security-01
v11.3.9
v11.4.0
v11.4.1
v11.4.2
v11.4.3
v11.4.3+security-01
v11.4.4
v11.4.4+security-01
v11.4.5
v11.4.5+security-01
v11.4.6
v11.4.6+security-01
v11.4.7
v11.4.8
v11.5.0
v11.5.1
v11.5.10
v11.5.2
v11.5.3
v11.5.3+security-01
v11.5.4
v11.5.4+security-01
v11.5.5
v11.5.5+security-01
v11.5.6
v11.5.6+security-01
v11.5.7
v11.5.8
v11.5.9
v11.6.0
v11.6.0+security-01
v11.6.1
v11.6.1+security-01
v11.6.10
v11.6.10+security-01
v11.6.11
v11.6.12
v11.6.13
v11.6.14
v11.6.14+security-01
v11.6.2
v11.6.2+security-01
v11.6.3
v11.6.3+security-01
v11.6.4
v11.6.5
v11.6.6
v11.6.7
v11.6.8
v11.6.9
v11.6.9+security-01
v12.*
v12.0.0
v12.0.0+security-01
v12.0.1
v12.0.1+security-01
v12.0.10
v12.0.2
v12.0.2+security-01
v12.0.3
v12.0.4
v12.0.5
v12.0.6
v12.0.6+security-01
v12.0.7
v12.0.8
v12.0.8+security-01
v12.0.9
v12.1.0
v12.1.1
v12.1.10
v12.1.10+security-01
v12.1.2
v12.1.3
v12.1.3+security-01
v12.1.4
v12.1.5
v12.1.5+security-01
v12.1.6
v12.1.6+security-01
v12.1.7
v12.1.8
v12.1.9
v12.2.0
v12.2.1
v12.2.1+security-01
v12.2.2
v12.2.3
v12.2.3+security-01
v12.2.4
v12.2.4+security-01
v12.2.5
v12.2.6
v12.2.7
v12.2.8
v12.2.8+security-01
v12.3.0
v12.3.1
v12.3.1+security-01
v12.3.2
v12.3.2+security-01
v12.3.3
v12.3.4
v12.3.5
v12.3.6
v12.3.6+security-01
v12.4.0
v12.4.1
v12.4.2
v2.*
v2.0.0-beta1
v2.0.0-beta3
v2.0.1
v2.0.2
v2.1.0
v2.1.1
v2.1.2
v3.*
v3.2.1-test
v4.*
v4.0.0
v4.0.1
v4.0.2
v4.1.0
v4.1.0-beta1
v4.1.1
v4.1.2
v4.2.0
v4.2.0-beta1
v4.3.0
v4.3.0-beta1
v4.3.1
v4.3.2
v4.4.0
v4.4.1
v4.4.2
v4.4.3
v4.5.0
v4.5.0-beta1
v4.5.1
v4.5.2
v4.6.0
v4.6.0-beta1
v4.6.0-beta2
v4.6.0-beta3
v4.6.1
v4.6.2
v4.6.3
v5.*
v5.,2.4
v5.0.0
v5.0.0-beta1
v5.0.0-beta2
v5.0.0-beta3
v5.0.0-beta4
v5.0.0-beta5
v5.0.1
v5.0.2
v5.0.3
v5.0.4
v5.1.0
v5.1.0-beta1
v5.1.1
v5.1.2
v5.1.3
v5.1.4
v5.1.5
v5.2.0
v5.2.0-beta1
v5.2.0-beta2
v5.2.0-beta3
v5.2.1
v5.2.2
v5.3.0
v5.3.0-beta1
v5.3.0-beta2
v5.3.0-beta3
v5.3.1
v5.3.2
v5.3.3
v5.3.4
v5.4.0
v5.4.0-beta1
v5.4.1
v5.4.2
v5.4.3
v5.4.4
v5.4.4_private
v5.4.5
v6.*
v6.0.0
v6.0.0-beta1
v6.0.0-beta2
v6.0.0-beta3
v6.0.1
v6.0.2
v6.1.0
v6.1.0-beta1
v6.1.1
v6.1.2
v6.1.3
v6.1.4
v6.1.6
v6.2.0
v6.2.0-beta1
v6.2.0-beta2
v6.2.1
v6.2.2
v6.2.3
v6.2.4
v6.2.5
v6.3.0
v6.3.0-alpha.30
v6.3.0-beta.0
v6.3.0-beta1
v6.3.0-beta2
v6.3.0-beta3
v6.3.0-beta4
v6.3.1
v6.3.2
v6.3.3
v6.3.4
v6.3.5
v6.3.6
v6.3.7
v6.4.0
v6.4.0-beta1
v6.4.0-beta2
v6.4.1
v6.4.2
v6.4.3
v6.4.4
v6.4.5
v6.5
v6.5.0
v6.5.0-beta1
v6.5.1
v6.5.2
v6.5.3
v6.6.0
v6.6.0-beta1
v6.6.1
v6.6.2
v6.7.0
v6.7.0-beta1
v6.7.1
v6.7.2
v6.7.3
v6.7.4
v6.7.5
v6.7.6
v7.*
v7.0.0
v7.0.0-beta1
v7.0.0-beta2
v7.0.0-beta3
v7.0.1
v7.0.2
v7.0.3
v7.0.4
v7.0.5
v7.0.6
v7.1.0
v7.1.0-beta1
v7.1.0-beta2
v7.1.0-beta3
v7.1.1
v7.1.2
v7.1.3
v7.1.4
v7.1.5
v7.2.0
v7.2.0-beta1
v7.2.0-beta2
v7.2.1
v7.2.2
v7.2.3
v7.3.0
v7.3.0-beta1
v7.3.0-beta2
v7.3.1
v7.3.10
v7.3.2
v7.3.3
v7.3.4
v7.3.5
v7.3.6
v7.3.7
v7.3.8
v7.4.0
v7.4.0-beta1
v7.4.1
v7.4.2
v7.4.3
v7.4.4
v7.4.5
v7.5.0
v7.5.0-beta1
v7.5.0-beta2
v7.5.1
v7.5.10
v7.5.11
v7.5.12
v7.5.13
v7.5.15
v7.5.16
v7.5.17
v7.5.2
v7.5.3
v7.5.4
v7.5.5
v7.5.6
v7.5.7
v7.5.8
v7.5.9
v8.*
v8.0.0
v8.0.0-beta1
v8.0.0-beta2
v8.0.0-beta3
v8.0.1
v8.0.2
v8.0.3
v8.0.4
v8.0.5
v8.0.6
v8.0.7
v8.1.0
v8.1.0-beta1
v8.1.0-beta2
v8.1.0-beta3
v8.1.1
v8.1.2
v8.1.3
v8.1.4
v8.1.5
v8.1.6
v8.1.7
v8.1.8
v8.2.0
v8.2.0-beta1
v8.2.0-beta2
v8.2.1
v8.2.2
v8.2.3
v8.2.4
v8.2.5
v8.2.6
v8.2.7
v8.3.0
v8.3.0-beta1
v8.3.0-beta2
v8.3.1
v8.3.10
v8.3.11
v8.3.2
v8.3.3
v8.3.4
v8.3.5
v8.3.6
v8.3.7
v8.4.0
v8.4.0-beta1
v8.4.1
v8.4.10
v8.4.11
v8.4.2
v8.4.3
v8.4.4
v8.4.5
v8.4.6
v8.4.7
v8.5.0
v8.5.0-beta1
v8.5.1
v8.5.10
v8.5.11
v8.5.13
v8.5.14
v8.5.15
v8.5.16
v8.5.2
v8.5.20
v8.5.21
v8.5.22
v8.5.24
v8.5.26
v8.5.27
v8.5.3
v8.5.4
v8.5.5
v8.5.6
v8.5.9
v9.*
v9.0.0
v9.0.0-beta1
v9.0.0-beta2
v9.0.0-beta3
v9.0.1
v9.0.2
v9.0.3
v9.0.4
v9.0.5
v9.0.6
v9.0.7
v9.0.8
v9.0.9
v9.1.0
v9.1.0-beta1
v9.1.1
v9.1.2
v9.1.3
v9.1.4
v9.1.5
v9.1.6
v9.1.7
v9.1.8
v9.2.0
v9.2.0-279c6c6c7d
v9.2.0-beta1
v9.2.1
v9.2.10
v9.2.13
v9.2.15
v9.2.17
v9.2.18
v9.2.19
v9.2.2
v9.2.20
v9.2.3
v9.2.4
v9.2.5
v9.2.6
v9.2.7
v9.2.8
v9.3.0
v9.3.0-beta1
v9.3.1
v9.3.11
v9.3.13
v9.3.14
v9.3.15
v9.3.16
v9.3.2
v9.3.4
v9.3.6
v9.3.8
v9.4.0
v9.4.0-beta1
v9.4.1
v9.4.10
v9.4.12
v9.4.13
v9.4.14
v9.4.15
v9.4.17
v9.4.2
v9.4.3
v9.4.7
v9.4.9
v9.5.0
v9.5.1
v9.5.10
v9.5.12
v9.5.13
v9.5.14
v9.5.15
v9.5.16
v9.5.17
v9.5.18
v9.5.19
v9.5.2
v9.5.20
v9.5.21
v9.5.3
v9.5.5
v9.5.6
v9.5.7
v9.5.8
v9.5.9