A user with the permissions to create a data source can use Grafana API to create a data source with UID set to *.
Doing this will grant the user access to read, query, edit and delete all data sources within the organization.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: GRAFANA
Published: 2024-03-07T17:45:43.993Z
Updated: 2024-08-01T18:40:21.181Z
Reserved: 2024-02-12T12:21:26.806Z
Link: CVE-2024-1442
Vulnrichment
Updated: 2024-08-01T18:40:21.181Z
NVD
Status : Awaiting Analysis
Published: 2024-03-07T18:15:46.590
Modified: 2024-03-08T14:02:57.420
Link: CVE-2024-1442
Redhat