CVE-2023-4399 - OpenCVE

Grafana is an open-source platform for monitoring and observability. In Grafana Enterprise, Request security is a deny list that allows admins to configure Grafana in a way so that the instance doesn’t call specific hosts. However, the restriction can be bypassed used punycode encoding of the characters in the request address.

No CVSS v4.0

Attack Vector Network

Attack Complexity High

Privileges Required High

Scope Changed

Confidentiality Impact High

Integrity Impact None

Availability Impact Low

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Grafana	Grafana

Configuration 1 [-]

OR	cpe:2.3:a:grafana:grafana:::::enterprise:::*
	cpe:2.3:a:grafana:grafana:::::enterprise:::*
	cpe:2.3:a:grafana:grafana:::::enterprise:::*
	cpe:2.3:a:grafana:grafana:::::enterprise:::*

No data.

References

Link	Providers
https://grafana.com/security/security-advisories/cve-2023-4399/
https://security.netapp.com/advisory/ntap-20231208-0003/

History

No history.

MITRE

Status: PUBLISHED

Assigner: GRAFANA

Published: 2023-10-17T07:09:03.015Z

Updated: 2024-08-02T07:24:04.622Z

Reserved: 2023-08-17T10:06:35.187Z

Link: CVE-2023-4399

Vulnrichment

No data.

NVD

Status : Modified

Published: 2023-10-17T08:15:09.553

Modified: 2023-12-08T19:15:07.903

Link: CVE-2023-4399

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-4399", "assignerOrgId": "57da9224-a3e2-4646-9d0e-c4dc2e05e7da", "state": "PUBLISHED", "assignerShortName": "GRAFANA", "dateReserved": "2023-08-17T10:06:35.187Z", "datePublished": "2023-10-17T07:09:03.015Z", "dateUpdated": "2024-08-02T07:24:04.622Z"}, "containers": {"cna": {"affected": [{"product": "Grafana Enterprise", "vendor": "Grafana", "versions": [{"lessThan": "10.1.5", "status": "affected", "version": "10.1.0", "versionType": "semver"}, {"lessThan": "10.0.9", "status": "affected", "version": "10.0.0", "versionType": "semver"}, {"lessThan": "9.5.13", "status": "affected", "version": "9.5.0", "versionType": "semver"}, {"lessThan": "9.4.17", "status": "affected", "version": "9.4.0", "versionType": "semver"}]}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<p>Grafana is an open-source platform for monitoring and observability. </p><p>In Grafana Enterprise, Request security is a deny list that allows admins to configure Grafana in a way so that the instance doesn\u2019t call specific hosts.</p><p>However, the restriction can be bypassed used punycode encoding of the characters in the request address.</p>"}], "value": "Grafana is an open-source platform for monitoring and observability. \n\nIn Grafana Enterprise, Request security is a deny list that allows admins to configure Grafana in a way so that the instance doesn\u2019t call specific hosts.\n\nHowever, the restriction can be bypassed used punycode encoding of the characters in the request address.\n\n"}], "impacts": [{"capecId": "CAPEC-267", "descriptions": [{"lang": "en", "value": "CAPEC-267"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 6.6, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:L", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-183", "description": "CWE-183", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "57da9224-a3e2-4646-9d0e-c4dc2e05e7da", "shortName": "GRAFANA", "dateUpdated": "2023-10-17T07:09:03.015Z"}, "references": [{"url": "https://grafana.com/security/security-advisories/cve-2023-4399/"}, {"url": "https://security.netapp.com/advisory/ntap-20231208-0003/"}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T07:24:04.622Z"}, "title": "CVE Program Container", "references": [{"url": "https://grafana.com/security/security-advisories/cve-2023-4399/", "tags": ["x_transferred"]}, {"url": "https://security.netapp.com/advisory/ntap-20231208-0003/", "tags": ["x_transferred"]}]}]}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:grafana:grafana:*:*:*:*:enterprise:*:*:*", "matchCriteriaId": "63D6BD69-0021-4425-815E-BCC6DC6A844D", "versionEndExcluding": "9.4.17", "versionStartIncluding": "9.4.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:grafana:grafana:*:*:*:*:enterprise:*:*:*", "matchCriteriaId": "AE835FB5-83A3-4657-AE71-A6F42A0C6680", "versionEndExcluding": "9.5.13", "versionStartIncluding": "9.5.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:grafana:grafana:*:*:*:*:enterprise:*:*:*", "matchCriteriaId": "DC6EC05D-A16B-4DBD-9D2C-B63C5DE3B31E", "versionEndExcluding": "10.0.9", "versionStartIncluding": "10.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:grafana:grafana:*:*:*:*:enterprise:*:*:*", "matchCriteriaId": "4984FF92-7D1B-4A1A-9C2B-79E052CC8483", "versionEndExcluding": "10.1.5", "versionStartIncluding": "10.1.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Grafana is an open-source platform for monitoring and observability. \n\nIn Grafana Enterprise, Request security is a deny list that allows admins to configure Grafana in a way so that the instance doesn\u2019t call specific hosts.\n\nHowever, the restriction can be bypassed used punycode encoding of the characters in the request address.\n\n"}, {"lang": "es", "value": "Grafana es una plataforma de c\u00f3digo abierto para monitorizaci\u00f3n y observabilidad. En Grafana Enterprise, la seguridad de solicitudes es una lista de denegaci\u00f3n que permite a los administradores configurar Grafana de manera que la instancia no llame a hosts espec\u00edficos. Sin embargo, la restricci\u00f3n se puede eludir utilizando la codificaci\u00f3wn punycode de los caracteres en la direcci\u00f3n de solicitud."}], "id": "CVE-2023-4399", "lastModified": "2023-12-08T19:15:07.903", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.2, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 6.6, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:L", "version": "3.1"}, "exploitabilityScore": 1.3, "impactScore": 4.7, "source": "security@grafana.com", "type": "Secondary"}]}, "published": "2023-10-17T08:15:09.553", "references": [{"source": "security@grafana.com", "tags": ["Vendor Advisory"], "url": "https://grafana.com/security/security-advisories/cve-2023-4399/"}, {"source": "security@grafana.com", "url": "https://security.netapp.com/advisory/ntap-20231208-0003/"}], "sourceIdentifier": "security@grafana.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-183"}], "source": "security@grafana.com", "type": "Secondary"}]}