FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

Grafana -- Path Traversal

Affected packages
8.0.0 <= grafana < 8.0.7
8.1.0 <= grafana < 8.1.8
8.2.0 <= grafana < 8.2.7
8.3.0 <= grafana < 8.3.1
8.0.0 <= grafana8 < 8.0.7
8.1.0 <= grafana8 < 8.1.8
8.2.0 <= grafana8 < 8.2.7
8.3.0 <= grafana8 < 8.3.1
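The ranges above use VuXML's "lower <= package < upper" notation. As an added example (not part of the VuXML entry and not pkg(8)'s own implementation), the following Python check parses a locally installed version string, including a -beta/-rc tag or a FreeBSD port revision suffix such as _2, and tests it against the listed ranges; the pre-release and revision ordering it assumes is stated in the comments.

```python
import re
from typing import List, Tuple

# Affected ranges, copied from the VuXML entry above as
# (package, lower bound inclusive, upper bound exclusive).
AFFECTED: List[Tuple[str, str, str]] = [
    ("grafana",  "8.0.0", "8.0.7"), ("grafana",  "8.1.0", "8.1.8"),
    ("grafana",  "8.2.0", "8.2.7"), ("grafana",  "8.3.0", "8.3.1"),
    ("grafana8", "8.0.0", "8.0.7"), ("grafana8", "8.1.0", "8.1.8"),
    ("grafana8", "8.2.0", "8.2.7"), ("grafana8", "8.3.0", "8.3.1"),
]

_PRE_RANK = {"alpha": 0, "beta": 1, "rc": 2}
_VERSION_RE = re.compile(
    r"v?(?P<nums>\d+(?:\.\d+)*)"                    # 8.3.0
    r"(?:-?(?P<pre>alpha|beta|rc)(?P<pren>\d*))?"   # optional -beta1 / rc2
    r"(?:_(?P<rev>\d+))?$"                          # optional port revision _2
)

def version_key(v: str) -> tuple:
    """Turn a version string into a tuple that sorts correctly.

    Ordering assumed by this example (not pkg(8)'s exact algorithm):
    numeric components compare left to right, a pre-release (alpha/beta/rc)
    sorts before the bare release with the same numbers, and a port
    revision (_N) sorts after it."""
    m = _VERSION_RE.match(v)
    if not m:
        raise ValueError(f"unparseable version: {v!r}")
    nums = tuple(int(x) for x in m.group("nums").split("."))
    nums += (0,) * (3 - len(nums))          # '8.3' compares like '8.3.0'
    if m.group("pre"):
        pre = (0, _PRE_RANK[m.group("pre")], int(m.group("pren") or 0))
    else:
        pre = (1, 0, 0)                     # final release outranks any pre-release
    return (nums, pre, int(m.group("rev") or 0))

def is_affected(package: str, version: str) -> bool:
    """True if `package` at `version` falls inside any listed affected range."""
    key = version_key(version)
    return any(
        pkg == package and version_key(lo) <= key < version_key(hi)
        for pkg, lo, hi in AFFECTED
    )

if __name__ == "__main__":
    # Constructed sample inputs, as pkg(8) would print them.
    for pkg, ver in [("grafana", "8.3.0_2"), ("grafana", "8.3.1"), ("grafana8", "8.1.7")]:
        print(f"{pkg}-{ver}: {'AFFECTED' if is_affected(pkg, ver) else 'ok'}")
```

Note that a pre-release such as 8.0.0-beta1 sorts below 8.0.0 and so falls outside the ranges as written, even though the vendor statement below names v8.0.0-beta1 as vulnerable; a check built only on these ranges would miss such a build.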

Details

VuXML ID e33880ed-5802-11ec-8398-6c3be5272acd
Discovery 2021-12-03
Entry 2021-12-11

Grafana Labs reports:

Grafana is vulnerable to directory traversal, allowing access to local files. We have confirmed this for versions v8.0.0-beta1 to v8.3.0. Thanks to our defense-in-depth approach, at no time has Grafana Cloud been vulnerable.

The vulnerable URL path is: <grafana_host_url>/public/plugins/<"plugin-id"> where <"plugin-id"> is the plugin ID for any installed plugin.

Every Grafana instance comes with pre-installed plugins like the Prometheus plugin or MySQL plugin so the following URLs are vulnerable for every instance:

References

CVE Name CVE-2021-43798
URL https://grafana.com/blog/2021/12/07/grafana-8.3.1-8.2.7-8.1.8-and-8.0.7-released-with-high-severity-security-fix/