Grafana 9.1+ URL Login JWT Leak to Data Sources
CVE-2023-1387 Published on April 26, 2023
Grafana is an open-source platform for monitoring and observability. Starting with the 9.1 branch, Grafana introduced the ability to search for a JWT in the URL query parameter auth_token and use it as the authentication token. By enabling the "url_login" configuration option (disabled by default), a JWT might be sent to data sources. If an attacker has access to the data source, the leaked token could be used to authenticate to Grafana.
Vulnerability Analysis
CVE-2023-1387 can be exploited with network access, requires user interaction and user privileges. This vulnerability is consided to have a high level of attack complexity. Public availability of a proof of concept (POC) exploit exists for CVE-2023-1387. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.
Weakness Type
What is an Information Disclosure Vulnerability?
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
CVE-2023-1387 has been classified to as an Information Disclosure vulnerability or weakness.
Products Associated with CVE-2023-1387
Want to know whenever a new CVE is published for Grafana Labs Grafana? stack.watch will email you.
Affected Versions
Grafana:- Version 9.1.0 and below 9.2.17 is affected.
- Version 9.3.0 and below 9.3.13 is affected.
- Version 9.4.0 and below 9.5.0 is affected.
- Version 9.1.0 and below 9.2.17 is affected.
- Version 9.3.0 and below 9.3.13 is affected.
- Version 9.4.0 and below 9.5.0 is affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.