{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2022-23498", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2022-01-19T21:23:53.768Z", "datePublished": "2023-02-03T21:34:58.677Z", "dateUpdated": "2024-08-03T03:43:46.002Z"}, "containers": {"cna": {"title": "When query caching is enabled in Grafana users can query another users session", "problemTypes": [{"descriptions": [{"cweId": "CWE-200", "lang": "en", "description": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:L", "version": "3.1"}}], "references": [{"name": "https://github.com/grafana/grafana/security/advisories/GHSA-2j8f-6whh-frc8", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/grafana/grafana/security/advisories/GHSA-2j8f-6whh-frc8"}], "affected": [{"vendor": "grafana", "product": "grafana", "versions": [{"version": ">= 8.3.0-beta1, < 9.2.10", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2023-02-03T21:34:58.677Z"}, "descriptions": [{"lang": "en", "value": "Grafana is an open-source platform for monitoring and observability. When datasource query caching is enabled, Grafana caches all headers, including `grafana_session`. As a result, any user that queries a datasource where the caching is enabled can acquire another user\u2019s session. To mitigate the vulnerability you can disable datasource query caching for all datasources. This issue has been patched in versions 9.2.10 and 9.3.4.\n"}], "source": {"advisory": "GHSA-2j8f-6whh-frc8", "discovery": "UNKNOWN"}}, "adp": [{"title": "CVE Program Container", "references": [{"url": "https://security.netapp.com/advisory/ntap-20230309-0007/"}, {"name": "https://github.com/grafana/grafana/security/advisories/GHSA-2j8f-6whh-frc8", "tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://github.com/grafana/grafana/security/advisories/GHSA-2j8f-6whh-frc8"}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T03:43:46.002Z"}}]}}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*", "matchCriteriaId": "B926C39D-E8F9-431C-BA0A-9FA5927B7CAA", "versionEndExcluding": "9.2.10", "versionStartIncluding": "8.3.1", "vulnerable": true}, {"criteria": "cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*", "matchCriteriaId": "E8642012-7942-4810-8DB0-1894D3BF4662", "versionEndExcluding": "9.3.4", "versionStartIncluding": "9.3.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:grafana:grafana:8.3.0:beta1:*:*:*:*:*:*", "matchCriteriaId": "08157012-0D58-4D9C-8589-09DD699BEA12", "vulnerable": true}, {"criteria": "cpe:2.3:a:grafana:grafana:8.3.0:beta2:*:*:*:*:*:*", "matchCriteriaId": "22D1FEBE-70C4-46FC-AD31-72C4CF793CA9", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Grafana is an open-source platform for monitoring and observability. When datasource query caching is enabled, Grafana caches all headers, including `grafana_session`. As a result, any user that queries a datasource where the caching is enabled can acquire another user\u2019s session. To mitigate the vulnerability you can disable datasource query caching for all datasources. This issue has been patched in versions 9.2.10 and 9.3.4.\n"}], "id": "CVE-2022-23498", "lastModified": "2024-11-21T06:48:41.343", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:L", "version": "3.1"}, "exploitabilityScore": 1.6, "impactScore": 5.5, "source": "security-advisories@github.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2023-02-03T22:15:09.463", "references": [{"source": "security-advisories@github.com", "tags": ["Exploit", "Mitigation", "Third Party Advisory"], "url": "https://github.com/grafana/grafana/security/advisories/GHSA-2j8f-6whh-frc8"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Mitigation", "Third Party Advisory"], "url": "https://github.com/grafana/grafana/security/advisories/GHSA-2j8f-6whh-frc8"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://security.netapp.com/advisory/ntap-20230309-0007/"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-200"}], "source": "security-advisories@github.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"affected_release": [{"advisory": "RHSA-2024:0746", "cpe": "cpe:/a:redhat:ceph_storage:5.3::el8", "package": "rhceph/rhceph-5-dashboard-rhel8:5-83", "product_name": "Red Hat Ceph Storage 5.3", "release_date": "2024-02-08T00:00:00Z"}, {"advisory": "RHSA-2023:3642", "cpe": "cpe:/a:redhat:ceph_storage:6.1::el9", "package": "rhceph/keepalived-rhel9:2.2.4-3", "product_name": "Red Hat Ceph Storage 6.1", "release_date": "2023-06-15T00:00:00Z"}, {"advisory": "RHSA-2023:3642", "cpe": "cpe:/a:redhat:ceph_storage:6.1::el9", "package": "rhceph/rhceph-6-dashboard-rhel9:6-75", "product_name": "Red Hat Ceph Storage 6.1", "release_date": "2023-06-15T00:00:00Z"}, {"advisory": "RHSA-2023:3642", "cpe": "cpe:/a:redhat:ceph_storage:6.1::el9", "package": "rhceph/rhceph-6-rhel9:6-177", "product_name": "Red Hat Ceph Storage 6.1", "release_date": "2023-06-15T00:00:00Z"}, {"advisory": "RHSA-2023:3642", "cpe": "cpe:/a:redhat:ceph_storage:6.1::el9", "package": "rhceph/rhceph-haproxy-rhel9:2.4.17-4", "product_name": "Red Hat Ceph Storage 6.1", "release_date": "2023-06-15T00:00:00Z"}, {"advisory": "RHSA-2023:3642", "cpe": "cpe:/a:redhat:ceph_storage:6.1::el9", "package": "rhceph/rhceph-promtail-rhel9:v2.4.0-5", "product_name": "Red Hat Ceph Storage 6.1", "release_date": "2023-06-15T00:00:00Z"}, {"advisory": "RHSA-2023:3642", "cpe": "cpe:/a:redhat:ceph_storage:6.1::el9", "package": "rhceph/snmp-notifier-rhel9:1.2.1-36", "product_name": "Red Hat Ceph Storage 6.1", "release_date": "2023-06-15T00:00:00Z"}], "bugzilla": {"description": "grafana: Use of Cache Containing Sensitive Information", "id": "2167266", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2167266"}, "csaw": false, "cvss3": {"cvss3_base_score": "8.8", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "status": "verified"}, "cwe": "CWE-200", "details": ["Grafana is an open-source platform for monitoring and observability. When datasource query caching is enabled, Grafana caches all headers, including `grafana_session`. As a result, any user that queries a datasource where the caching is enabled can acquire another user\u2019s session. To mitigate the vulnerability you can disable datasource query caching for all datasources. This issue has been patched in versions 9.2.10 and 9.3.4.", "A flaw was found in the Grafana package. When data-source query caching is enabled, Grafana caches all headers, including `grafana_session.` As a result, any user that queries a data source where the caching is enabled can acquire another user\u2019s session."], "mitigation": {"lang": "en:us", "value": "To mitigate the vulnerability, disable the data source query caching for all data sources."}, "name": "CVE-2022-23498", "package_state": [{"cpe": "cpe:/a:redhat:service_mesh:2.1", "fix_state": "Not affected", "package_name": "servicemesh-grafana", "product_name": "OpenShift Service Mesh 2.1"}, {"cpe": "cpe:/a:redhat:acm:2", "fix_state": "Not affected", "package_name": "rhacm2/acm-grafana-rhel8", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2"}, {"cpe": "cpe:/a:redhat:ceph_storage:3", "fix_state": "Not affected", "package_name": "grafana", "product_name": "Red Hat Ceph Storage 3"}, {"cpe": "cpe:/a:redhat:ceph_storage:4", "fix_state": "Affected", "package_name": "rhceph/rhceph-4-dashboard-rhel8", "product_name": "Red Hat Ceph Storage 4"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "grafana", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "grafana", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Affected", "package_name": "openshift4/ose-grafana", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:storage:3", "fix_state": "Not affected", "package_name": "grafana", "product_name": "Red Hat Storage 3"}], "public_date": "2023-02-03T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2022-23498\nhttps://nvd.nist.gov/vuln/detail/CVE-2022-23498\nhttps://github.com/grafana/grafana/security/advisories/GHSA-2j8f-6whh-frc8"], "threat_severity": "Important", "upstream_fix": "grafana 9.3.4, grafana 9.2.10"}