CVE-2024-9476

Vulnerability Description

A vulnerability in Grafana Labs Grafana OSS and Enterprise allows Privilege Escalation allows users to gain access to resources from other organizations within the same Grafana instance via the Grafana Cloud Migration Assistant.This vulnerability will only affect users who utilize the Organizations feature to isolate resources on their Grafana instance.

Related Weaknesses (CWE)

CWE-266

References

https://grafana.com/blog/2024/11/12/grafana-security-release-medium-severity-sec
https://grafana.com/security/security-advisories/cve-2024-9476/

FAQ

What is CVE-2024-9476?

CVE-2024-9476 is a documented vulnerability. A vulnerability in Grafana Labs Grafana OSS and Enterprise allows Privilege Escalation allows users to gain access to resources from other organizations within the same Grafana instance via the Grafan...

How severe is CVE-2024-9476?

CVSS scoring is not yet available for CVE-2024-9476. Check NVD for updates.

Is there a patch for CVE-2024-9476?

Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.