CVE-2024-8118

Vulnerability Description

In Grafana, the wrong permission is applied to the alert rule write API endpoint, allowing users with permission to write external alert instances to also write alert rules.

Related Weaknesses (CWE)

CWE-653

References

https://grafana.com/security/security-advisories/cve-2024-8118/

FAQ

What is CVE-2024-8118?

CVE-2024-8118 is a documented vulnerability. In Grafana, the wrong permission is applied to the alert rule write API endpoint, allowing users with permission to write external alert instances to also write alert rules.

How severe is CVE-2024-8118?

CVSS scoring is not yet available for CVE-2024-8118. Check NVD for updates.

Is there a patch for CVE-2024-8118?

Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.