2148252 – (CVE-2022-39324) CVE-2022-39324 grafana: Spoofing of the originalUrl parameter of snapshots

Bug 2148252 (CVE-2022-39324) - CVE-2022-39324 grafana: Spoofing of the originalUrl parameter of snapshots

Summary: CVE-2022-39324 grafana: Spoofing of the originalUrl parameter of snapshots

Keywords:
Status:	NEW
Alias:	CVE-2022-39324
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	medium
Severity:	medium
Target Milestone:	---
Assignee:	Nobody
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:	2148331 2148332 2148355 2148356 2148358 2166179
Blocks:	2148254
TreeView+	depends on / blocked

Reported:	2022-11-24 17:48 UTC by Pedro Sampaio
Modified:	2024-03-02 05:32 UTC (History)
CC List:	54 users (show)
Fixed In Version:	grafana 9.2.6.1, grafana 9.1.8.2, grafana 8.5.16
Doc Type:	If docs needed, set a value
Doc Text:	A flaw was found in the grafana package. While creating a snapshot, an attacker may manipulate a hidden HTTP parameter to inject a malicious URL in the "Open original dashboard" button.
Clone Of:
Environment:
Last Closed:
Embargoed:

Attachments	(Terms of Use)

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Red Hat Product Errata	RHSA-2023:3642	0	None	None	None	2023-06-15 16:01:20 UTC
Red Hat Product Errata	RHSA-2023:6420	0	None	None	None	2023-11-07 08:16:23 UTC

Description Pedro Sampaio 2022-11-24 17:48:47 UTC

In Grafana, when creating a snapshot, an attacker may manipulate a hidden HTTP parameter to inject a malicious URL in the Open original dashboard” button.

Affected Versions
- Grafana <=8.x
- Grafana <=9.x

Comment 15 Avinash Hanwate 2023-02-01 05:05:17 UTC

Created grafana tracking bugs for this issue:

Affects: fedora-all [bug 2166179]

Comment 18 errata-xmlrpc 2023-06-15 16:01:16 UTC

This issue has been addressed in the following products:

  Red Hat Ceph Storage 6.1

Via RHSA-2023:3642 https://access.redhat.com/errata/RHSA-2023:3642

Comment 20 errata-xmlrpc 2023-11-07 08:16:20 UTC

This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9

Via RHSA-2023:6420 https://access.redhat.com/errata/RHSA-2023:6420

Note You need to log in before you can comment on or make changes to this bug.

agerstmayr
amctagga
anstephe
aoconnor
avibelli
bgeorges
bniver
chazlett
clement.escoffier
dandread
dfreiber
dkreling
ellin
flucifre
gmeno
gparvin
grafana-maint
gsmet
hamadhan
jburrell
jcantril
jkurik
jmartisk
jwendell
jwon
lthon
max.andersen
mbenjamin
mhackett
nathans
njean
owatkins
pahickey
peholase
periklis
pgallagh
pjindal
probinso
rcernich
rgarg
rogbas
rruss
rsvoboda
sbiarozk
scorneli
sdouglas
shbose
sostapov
stcannon
teagle
twalsh
ubhargav
vereddy
vkumar