Main Vulnerability Database Exploits ID:8327 - Exploit for Improper access control in Grafana - CVE-2021-39226

ID:8327 - Exploit for Improper access control in Grafana - CVE-2021-39226

Published: September 3, 2022

Vulnerability identifier: #VU57320

Vulnerability risk: Medium

CVE-ID: CVE-2021-39226

CWE-ID: CWE-284

Exploitation vector: Remote access

Vulnerable software:
Grafana

Link to public exploit:

https://github.com/kh4sh3i/Grafana-CVE

Vulnerability description

The vulnerability allows a remote attacker to gain unauthorized access to otherwise restricted functionality.

The vulnerability exists due to improper access restrictions to database snapshots. Remote unauthenticated and authenticated users are able to view the snapshot with the lowest database key by accessing the literal paths: /dashboard/snapshot/:key, or /api/snapshots/:key. If the snapshot "public_mode" configuration setting is set to true (vs default of false), unauthenticated users are able to delete the snapshot with the lowest database key by accessing the literal path: /api/snapshots-delete/:deleteKey.

Regardless of the snapshot "public_mode" setting, authenticated users are able to delete the snapshot with the lowest database key by accessing the literal paths: /api/snapshots/:key, or /api/snapshots-delete/:deleteKey. The combination of deletion and viewing enables a complete walk through all snapshot data while resulting in complete snapshot data loss.

Remediation

Install updates from vendor's website.

ID:8327 - Exploit for Improper access control in Grafana - CVE-2021-39226

Link to public exploit:

Vulnerability description

Remediation

Please verify you're human