CVE-2018-15727

CRITICAL

Grafana < 2.1.2 - Authentication Bypass

Title source: rule

Description

Grafana 2.x, 3.x, and 4.x before 4.6.4 and 5.x before 5.2.3 allows authentication bypass because an attacker can generate a valid "remember me" cookie knowing only a username of an LDAP or OAuth user.

Exploits (1)

nomisec WORKING POC 22 stars
by u238 · poc
https://github.com/u238/grafana-CVE-2018-15727

Scores

CVSS v3 9.8
EPSS 0.7955
EPSS Percentile 99.1%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-287
Status published
Products (3)
grafana/grafana 0 - 4.6.4 Go
grafana/grafana 2.0.0 - 2.1.2
redhat/ceph_storage 3.0
Published Aug 29, 2018
Tracked Since Feb 18, 2026