CVE-2018-15727

Grafana 2.x, 3.x, and 4.x before 4.6.4 and 5.x before 5.2.3 allows authentication bypass because an attacker can generate a valid "remember me" cookie knowing only a username of an LDAP or OAuth user.

Published: Aug 29, 2018
Updated: May 9, 2024
CVE: CVE-2018-15727
GHSA: GHSA-rgjg-66cx-5x9m
Severity: Critical
Exploit:

CVSS v3:

Severity: Critical
Score: 9.8
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVSS v2:

Severity: High
Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P

CWEs:

CWE-287

OWASP TOP 10:

A2 - Broken Authentication

Affected Software
References

Software	From	Fixed in
grafana / grafana	3.0.0	3.1.1.x
grafana / grafana	5.0.0	5.2.3
grafana / grafana	4.0.0	4.6.4
grafana / grafana	2.0.0	2.1.2.x
redhat / ceph_storage	3.0	3.0.x
github.com/grafana/grafana/pkg/api	-	4.6.4
github.com/grafana/grafana/pkg/api	5.0.0	5.2.3

http://www.securityfocus.com/bid/105184
https://access.redhat.com/errata/RHSA-2018:3829
https://access.redhat.com/errata/RHSA-2019:0019
https://github.com/grafana/grafana/commit/7baecf0d0deae0d865e45cf03e082bc0db3f28c3
https://github.com/grafana/grafana/commit/df83bf10a225811927644bdf6265fa80bdea9137
https://grafana.com/blog/2018/08/29/grafana-5.2.3-and-4.6.4-released-with-important-security-fix/
https://www.securityfocus.com/bid/105184

Vulnerability Database

289,599

CVE-2018-15727