fkie_cve-2021-43813
Vulnerability from fkie_nvd
Published
2021-12-10 18:15
Modified
2024-11-21 06:29
Severity ?
4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Summary
Grafana is an open-source platform for monitoring and observability. Grafana prior to versions 8.3.2 and 7.5.12 contains a directory traversal vulnerability for fully lowercase or fully uppercase .md files. The vulnerability is limited in scope, and only allows access to files with the extension .md to authenticated users only. Grafana Cloud instances have not been affected by the vulnerability. Users should upgrade to patched versions 8.3.2 or 7.5.12. For users who cannot upgrade, running a reverse proxy in front of Grafana that normalizes the PATH of the request will mitigate the vulnerability. The proxy will have to also be able to handle url encoded paths. Alternatively, for fully lowercase or fully uppercase .md files, users can block /api/plugins/.*/markdown/.* without losing any functionality beyond inlined plugin help text.
References
security-advisories@github.comhttp://www.openwall.com/lists/oss-security/2021/12/10/4Mailing List, Patch, Release Notes, Third Party Advisory
security-advisories@github.comhttps://github.com/github/securitylab-vulnerabilities/commit/689fc5d9fd665be4d5bba200a6a433b532172d0fBroken Link
security-advisories@github.comhttps://github.com/grafana/grafana/commit/fd48aee61e4328aae8d5303a9efd045fa0ca308dPatch, Third Party Advisory
security-advisories@github.comhttps://github.com/grafana/grafana/security/advisories/GHSA-c3q8-26ph-9g2qPatch, Release Notes, Third Party Advisory
security-advisories@github.comhttps://grafana.com/blog/2021/12/10/grafana-8.3.2-and-7.5.12-released-with-moderate-severity-security-fix/Patch, Release Notes, Vendor Advisory
security-advisories@github.comhttps://grafana.com/docs/grafana/latest/release-notes/release-notes-7-5-12/Release Notes, Vendor Advisory
security-advisories@github.comhttps://grafana.com/docs/grafana/latest/release-notes/release-notes-8-3-2/Release Notes, Vendor Advisory
security-advisories@github.comhttps://security.netapp.com/advisory/ntap-20220107-0006/Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.openwall.com/lists/oss-security/2021/12/10/4Mailing List, Patch, Release Notes, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://github.com/github/securitylab-vulnerabilities/commit/689fc5d9fd665be4d5bba200a6a433b532172d0fBroken Link
af854a3a-2127-422b-91ae-364da2661108https://github.com/grafana/grafana/commit/fd48aee61e4328aae8d5303a9efd045fa0ca308dPatch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://github.com/grafana/grafana/security/advisories/GHSA-c3q8-26ph-9g2qPatch, Release Notes, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://grafana.com/blog/2021/12/10/grafana-8.3.2-and-7.5.12-released-with-moderate-severity-security-fix/Patch, Release Notes, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://grafana.com/docs/grafana/latest/release-notes/release-notes-7-5-12/Release Notes, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://grafana.com/docs/grafana/latest/release-notes/release-notes-8-3-2/Release Notes, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://security.netapp.com/advisory/ntap-20220107-0006/Third Party Advisory
Impacted products
Vendor Product Version
grafana grafana *
grafana grafana *


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C8A7F175-5768-4685-A192-25B4D97FF0CC",
              "versionEndExcluding": "7.5.12",
              "versionStartIncluding": "5.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "072437F7-4A16-4373-9026-7C20B0D2AFB8",
              "versionEndExcluding": "8.3.2",
              "versionStartIncluding": "8.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Grafana is an open-source platform for monitoring and observability. Grafana prior to versions 8.3.2 and 7.5.12 contains a directory traversal vulnerability for fully lowercase or fully uppercase .md files. The vulnerability is limited in scope, and only allows access to files with the extension .md to authenticated users only. Grafana Cloud instances have not been affected by the vulnerability. Users should upgrade to patched versions 8.3.2 or 7.5.12. For users who cannot upgrade, running a reverse proxy in front of Grafana that normalizes the PATH of the request will mitigate the vulnerability. The proxy will have to also be able to handle url encoded paths. Alternatively, for fully lowercase or fully uppercase .md files, users can block /api/plugins/.*/markdown/.* without losing any functionality beyond inlined plugin help text."
    },
    {
      "lang": "es",
      "value": "Grafana es una plataforma de c\u00f3digo abierto para la monitorizaci\u00f3n y la observabilidad. Grafana versiones anteriores a 8.3.2 y 7.5.12, contiene una vulnerabilidad de salto de directorio para archivos .md completamente en min\u00fasculas o en may\u00fasculas. La vulnerabilidad presenta un alcance limitado y s\u00f3lo permite el acceso a los archivos con la extensi\u00f3n .md a usuarios autentificados. Las instancias de Grafana Cloud no han sido afectadas por la vulnerabilidad. Los usuarios deben actualizar a las versiones parcheadas 8.3.2 o 7.5.12. Para usuarios que no puedan actualizar, la ejecuci\u00f3n de un proxy inverso frente a Grafana que normalice el PATH de la petici\u00f3n mitigar\u00e1 la vulnerabilidad. El proxy tambi\u00e9n tendr\u00e1 que ser capaz de manejar rutas codificadas con url. Alternativamente, para archivos .md completamente en min\u00fasculas o en may\u00fasculas, los usuarios pueden bloquear /api/plugins/.*/markdown/.* sin perder ninguna funcionalidad m\u00e1s all\u00e1 del texto de ayuda del plugin alineado"
    }
  ],
  "id": "CVE-2021-43813",
  "lastModified": "2024-11-21T06:29:50.773",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "NONE",
          "baseScore": 4.0,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 8.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 4.3,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "NONE",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 1.4,
        "source": "security-advisories@github.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 4.3,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "NONE",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 1.4,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2021-12-10T18:15:08.260",
  "references": [
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Mailing List",
        "Patch",
        "Release Notes",
        "Third Party Advisory"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2021/12/10/4"
    },
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Broken Link"
      ],
      "url": "https://github.com/github/securitylab-vulnerabilities/commit/689fc5d9fd665be4d5bba200a6a433b532172d0f"
    },
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://github.com/grafana/grafana/commit/fd48aee61e4328aae8d5303a9efd045fa0ca308d"
    },
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Patch",
        "Release Notes",
        "Third Party Advisory"
      ],
      "url": "https://github.com/grafana/grafana/security/advisories/GHSA-c3q8-26ph-9g2q"
    },
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Patch",
        "Release Notes",
        "Vendor Advisory"
      ],
      "url": "https://grafana.com/blog/2021/12/10/grafana-8.3.2-and-7.5.12-released-with-moderate-severity-security-fix/"
    },
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Release Notes",
        "Vendor Advisory"
      ],
      "url": "https://grafana.com/docs/grafana/latest/release-notes/release-notes-7-5-12/"
    },
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Release Notes",
        "Vendor Advisory"
      ],
      "url": "https://grafana.com/docs/grafana/latest/release-notes/release-notes-8-3-2/"
    },
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://security.netapp.com/advisory/ntap-20220107-0006/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Patch",
        "Release Notes",
        "Third Party Advisory"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2021/12/10/4"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "https://github.com/github/securitylab-vulnerabilities/commit/689fc5d9fd665be4d5bba200a6a433b532172d0f"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://github.com/grafana/grafana/commit/fd48aee61e4328aae8d5303a9efd045fa0ca308d"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Release Notes",
        "Third Party Advisory"
      ],
      "url": "https://github.com/grafana/grafana/security/advisories/GHSA-c3q8-26ph-9g2q"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Release Notes",
        "Vendor Advisory"
      ],
      "url": "https://grafana.com/blog/2021/12/10/grafana-8.3.2-and-7.5.12-released-with-moderate-severity-security-fix/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Release Notes",
        "Vendor Advisory"
      ],
      "url": "https://grafana.com/docs/grafana/latest/release-notes/release-notes-7-5-12/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Release Notes",
        "Vendor Advisory"
      ],
      "url": "https://grafana.com/docs/grafana/latest/release-notes/release-notes-8-3-2/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://security.netapp.com/advisory/ntap-20220107-0006/"
    }
  ],
  "sourceIdentifier": "security-advisories@github.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-22"
        }
      ],
      "source": "security-advisories@github.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-22"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.