CVE-2023-1387 Information
Description
Grafana is an open-source platform for monitoring and observability.
Starting with the 9.1 branch Grafana introduced the ability to search for a JWT in the URL query parameter auth_token and use it as the authentication token.
By enabling the url_login configuration option (disabled by default) a JWT might be sent to data sources. If an attacker has access to the data source, the leaked token could be used to authenticate to Grafana.
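The advisory turns on two things a defender can check directly: whether the url_login option is enabled in the Grafana configuration, and whether JWTs are travelling in URL query strings (where they get copied into logs and forwarded to data sources). The script below is an added example, not part of this advisory or of Grafana's code base; it assumes the option lives under the [auth.jwt] section as documented in Grafana's configuration reference, and the ini fragments and log lines it scans are constructed for illustration.

```python
import configparser
import re

# Constructed grafana.ini fragments (not taken from the advisory): one with the
# setting the advisory warns about switched on, one with the default.
RISKY_INI = """
[auth.jwt]
enabled = true
url_login = true  ; JWT from ?auth_token= may be forwarded to data sources
"""

SAFE_INI = """
[auth.jwt]
enabled = true
url_login = false
"""


def jwt_url_login_enabled(ini_text: str) -> bool:
    """Return True when [auth.jwt] url_login is switched on.

    Assumption: the option is under the [auth.jwt] section (Grafana's
    configuration reference); the advisory text itself names only the option.
    A missing section or option counts as disabled, matching the advisory's
    'disabled by default'.
    """
    cp = configparser.ConfigParser(
        interpolation=None, inline_comment_prefixes=(";", "#")
    )
    cp.read_string(ini_text)
    if not cp.has_section("auth.jwt"):
        return False
    return cp.getboolean("auth.jwt", "url_login", fallback=False)


# Matches the auth_token query parameter (the URL parameter the advisory
# names) and captures everything up to the next '&' or whitespace.
AUTH_TOKEN_RE = re.compile(r"([?&]auth_token=)[^&\s]+")


def redact_auth_token(text: str) -> str:
    """Replace the value of any auth_token query parameter with a placeholder
    so that a URL copied into logs or tickets no longer carries a usable JWT."""
    return AUTH_TOKEN_RE.sub(r"\1[REDACTED]", text)


def scan_log_lines(lines: list[str]) -> tuple[int, list[str]]:
    """Count lines whose request URL carries auth_token and return the lines
    with the token value redacted. Useful for spotting JWT-in-URL logins in
    existing logs before deciding whether url_login can stay enabled."""
    hits = 0
    redacted = []
    for line in lines:
        if AUTH_TOKEN_RE.search(line):
            hits += 1
        redacted.append(redact_auth_token(line))
    return hits, redacted


# Constructed access-log style lines; the token value is a made-up JWT shape.
CONSTRUCTED_LOG = [
    "GET /d/abc123/overview?orgId=1 200",
    "GET /d/abc123/overview?auth_token=eyJhbGciOiJIUzI1NiJ9.e30.sig&orgId=1 200",
    "GET /api/datasources/proxy/1/query?q=up 200",
]

if __name__ == "__main__":
    print("risky config enables url_login:", jwt_url_login_enabled(RISKY_INI))
    print("safe config enables url_login:", jwt_url_login_enabled(SAFE_INI))
    hits, lines = scan_log_lines(CONSTRUCTED_LOG)
    print(f"{hits} request(s) carried auth_token in the URL")
    for line in lines:
        print(" ", line)
```

Running the block on its constructed inputs reports the risky fragment as enabled and the safe one as disabled, and flags one of the three log lines while printing all of them with the token value replaced.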
Reference
https://grafana.com/security/security-advisories/cve-2023-1387/
https://github.com/grafana/bugbounty/security/advisories/GHSA-5585-m9r5-p86j