CNNVD-202511-989 Information
CNNVD ID
CNNVD-202511-989
Related CVE
- CNNVD Published: 2025-11-11
Description (Chinese)
Grafana Databricks Datasource Plugin是Grafana开源的一款数据源连接插件。 Grafana Databricks Datasource Plugin 1.12.1版本至1.12.0之前版本存在安全漏洞,该漏洞源于Oauth passthrough启用时用户标识符使用错误,可能导致未授权信息泄露。
Description (English)
Grafana Databricks Data Source Plugin is a data source connection plugin for the Grafana Open Source. There was a security loophole in the previous versions of Grafana Databricks Data Price 1.12.1 to 1.12.0, which originated from the error in the user identifier used when Outlook was enabled and could lead to unauthorized information leaks.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
Grafana
Published
2025-11-11
Last Modified
2026-02-24
References
https://grafana.com/security/security-advisories/cve-2025-41116/ https://access.redhat.com/security/cve/cve-2025-41116 https://vigilance.fr/vulnerability/Grafana-information-disclosure-via-Databricks-Datasource-48742
Share on: