CVE-2021-39226 - Grafana Authentication Bypass Vulnerability
CVE-2021-39226
Grafana Labs | Grafana
- Date Added:
- 2022-08-25
- Due Date:
- 2022-09-15
- Vulnerability Name
Grafana Authentication Bypass Vulnerability
- Description
Grafana contains an authentication bypass vulnerability that allows authenticated and unauthenticated users to view and delete all snapshot data, potentially resulting in complete snapshot data loss.
- Known To Be Used in Ransomware Campaigns?
Unknown
- Action
Apply updates per vendor instructions.
- Additional Notes
- https://grafana.com/blog/2021/10/05/grafana-7.5.11-and-8.1.6-released-with-critical-security-fix/; https://nvd.nist.gov/vuln/detail/CVE-2021-39226
Free online web security scanner