Description

Grafana is validating Azure AD accounts based on the email claim. On Azure AD, the profile email field is not unique and can be easily modified. This leads to account takeover and authentication bypass when Azure AD OAuth is configured with a multi-tenant app.

Remediation

References

CVE-2023-3128

Related Vulnerabilities

WordPress Plugin Form Maker by 10Web-Mobile-Friendly Drag & Drop Contact Form Builder Unspecified Vulnerability (1.7.56)

WordPress Plugin Corner Ad Cross-Site Scripting (1.0.7)

WordPress Plugin Anti Plagiarism Cross-Site Scripting (3.60)

MySQL CVE-2022-21319 Vulnerability (CVE-2022-21319)

Drupal Improper Input Validation Vulnerability (CVE-2012-1589)

Severity

Critical

Classification

CVE-2023-3128 CWE-290 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Tags

Missing Update Known Vulnerabilities