Intrusion Prevention

Grafana.Labs.Grafana.avatar.SSRF

Description

This indicates an attack attempt to exploit a Server-Side Request Forgery vulnerability in Grafana.
The vulnerability is due to improper sanitation of user-supplied inputs. The vulnerability may allow a remote attacker to make arbitrary requests through Grafana. Failed exploits will likely crash the program, leading to a Denial of Service condition.

Affected Products

Grafana 3.0.1 to 7.0.1

Impact

Information Spoofing: Remote attackers can spoof data of vulnerable systems.

Recommended Actions

Apply the latest update from the vendor.
https://community.grafana.com/

Coverage

IPS (Regular DB)
IPS (Extended DB)

Version Updates

Date	Version	Status	Detail
2025-03-20	31.974	Modified	Sig Added
2025-03-06	31.966	Modified	Sig Added
2024-05-15	27.788	Modified	Default_action:pass:drop
2024-05-07	27.781	New

ID	55648
Created	Apr 29, 2024
Updated	Mar 20, 2025
CVE ID
Risk
Exploit Prediction Score	92.84%
Default Action	drop
Active
Affected OS	All
Affected App	Other
Profile Type	Permission/Privilege/Access Control

Protect

Detect

Respond

Recover

Identify

Network Security

Cloud & Application Security

Endpoint Security

Security Operations

Intrusion Prevention

Grafana.Labs.Grafana.avatar.SSRF

Description

Affected Products

Impact

Recommended Actions

Coverage

Version Updates

Research Center

Services

Protect

Detect

Respond

Recover

Identify

Network Security

Cloud & Application Security

Endpoint Security

Security Operations

Threat Intelligence Center

Support Center

Resource Center

About

Intrusion Prevention

Grafana.Labs.Grafana.avatar.SSRF

Description

Affected Products

Impact

Recommended Actions

Coverage

Version Updates

Threat Intelligence
Center