CVE-2018-15727

CRITICAL

Grafana 2.x-4.x < 4.6.4 and 5.x < 5.2.3 - Authentication Bypass via Remember Me Cookie

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2018-15727. PoCs published by u238.

AI-analyzed exploit summary: This PoC exploits CVE-2018-15727, an authentication bypass vulnerability in Grafana. It generates forged 'remember' cookies for Grafana 4.x and 5.x, allowing an attacker to impersonate any user without valid credentials.

Description

Grafana 2.x, 3.x, and 4.x before 4.6.4 and 5.x before 5.2.3 allows authentication bypass because an attacker can generate a valid "remember me" cookie knowing only a username of an LDAP or OAuth user.

Exploits (1)

nomisec WORKING POC 22 stars
by u238 · poc
https://github.com/u238/grafana-CVE-2018-15727


Classification: Working PoC 95%
Attack Type: Auth Bypass
Complexity: Trivial
Reliability: Reliable
Target: Grafana 4.x and 5.x
No auth needed
Prerequisites: Access to the target Grafana instance · Ability to set cookies in the browser
devstral-2 · analyzed Feb 16, 2026

References (4)

Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/105184
Third Party Advisory vendor-advisory x_refsource_redhat
https://access.redhat.com/errata/RHSA-2019:0019
Third Party Advisory vendor-advisory x_refsource_redhat
https://access.redhat.com/errata/RHSA-2018:3829

Scores

CVSS v3 9.8
EPSS 0.7955
EPSS Percentile 99.1%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE: CWE-287
Status: published
Products (3)
grafana/grafana 0 - 4.6.4 (Go)
grafana/grafana 2.0.0 - 2.1.2
redhat/ceph_storage 3.0
Published Aug 29, 2018
Tracked Since Feb 18, 2026