virus logo FortiClient Vulnerability

GrafanaOSS CVE-2022-39201 Information Disclosure Vulnerability

description-logoDescription

Starting with version 5.0.0-beta1 and prior to versions 8.5.14 and 9.1.8, Grafana could leak the authentication cookie of users to plugins. The vulnerability impacts data source and plugin proxy endpoints under certain conditions. The destination plugin could receive a user's Grafana authentication cookie. Versions 9.1.8 and 8.5.14 contain a patch for this issue. There are no known workarounds.

affected-products-logoAffected Applications

GrafanaOSS

CVE References

CVE-2022-39201

Other References

https://github.com/grafana/grafana/security/advisories/GHSA-x744-mm8v-vpgr
ID 4558
Created Oct 26, 2022
Description
Updated		 Jul 27, 2023
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon lightgray-background-circle-icon
Coverage FortiClient
OS Windows
Vendor Grafana Labs
Patch manual
Application GrafanaOSS