Closed Bug 1734304 Opened 4 years ago Closed 4 years ago

Authentication bypass Grafana snapshot due to CVE-2021-39226

Categories

(Websites :: Other, defect)

Production
defect

Tracking

(Not tracked)

RESOLVED DUPLICATE of bug 1731074

People

(Reporter: checked7, Unassigned)

Details

Attachments

(1 file)

Attached image 2021-10-06_115959.png

User Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36

Steps to reproduce:

I found Mozilla affected by CVE-2021-39226 at https://grafana.telemetry.mozilla.org/, which has CVSS 9.8 and allows unauthenticated attackers to read and delete any snapshot.
Access https://grafana.telemetry.mozilla.org/api/snapshots/:key
The response will list all snapshots and the attacker can delete them.

Reference:
https://grafana.com/blog/2021/10/05/grafana-7.5.11-and-8.1.6-released-with-critical-security-fix/

Actual results:

Read and delete the snapshot

Expected results:

Read and delete the snapshot
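Added example (not part of the report or of Grafana's own code) for an administrator triaging this finding on an instance they run: it gates the version reported by Grafana's /api/health endpoint against the fix releases named in the linked advisory (7.5.11 and 8.1.6) and interprets the HTTP status an unauthenticated request to /api/snapshots/<key> receives. The assumption that 9.x and later inherit the fix, and that any 7.x or 8.x build below its line's fix release needs review, is mine, and the health response is constructed sample data.

```python
import json
import re

# Fix releases named in the linked Grafana advisory.
FIXED = {7: (7, 5, 11), 8: (8, 1, 6)}


def parse_version(version):
    """Turn '8.1.5' or '8.2.0-beta1' into a comparable (major, minor, patch) tuple."""
    m = re.match(r"^(\d+)\.(\d+)\.(\d+)", version.strip())
    if not m:
        raise ValueError(f"unrecognised Grafana version string: {version!r}")
    return tuple(int(x) for x in m.groups())


def grafana_patched(version):
    """True if the reported version carries the CVE-2021-39226 fix.

    Assumption (not stated on the page): releases newer than the fixed 8.x
    line inherit the fix, and any 7.x or 8.x build below its line's fix
    release is treated as affected and in need of review.
    """
    v = parse_version(version)
    if v[0] in FIXED:
        return v >= FIXED[v[0]]
    return v[0] > max(FIXED)


def snapshot_endpoint_exposed(status_code):
    """Interpret an unauthenticated GET to /api/snapshots/<key>: only 401/403
    shows the endpoint is gated by authentication; anything else needs review."""
    return status_code not in (401, 403)


def assess(health_body, snapshot_status):
    """Combine the /api/health JSON body with the unauthenticated probe result."""
    version = json.loads(health_body)["version"]
    findings = []
    if not grafana_patched(version):
        findings.append(f"version {version} predates the fix release")
    if snapshot_endpoint_exposed(snapshot_status):
        findings.append(f"snapshot endpoint answered HTTP {snapshot_status} without credentials")
    return findings


if __name__ == "__main__":
    # Constructed sample data, not captured from the instance in the report.
    sample_health = '{"commit": "abc123", "database": "ok", "version": "8.1.5"}'
    for finding in assess(sample_health, 200):
        print("finding:", finding)
```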

Status: UNCONFIRMED → RESOLVED
Closed: 4 years ago
Resolution: --- → DUPLICATE