SB2022092614 - Privilege escalation in Grafana

Description

This security bulletin contains information about 2 secuirty vulnerabilities.

1) Permissions, Privileges, and Access Controls (CVE-ID: CVE-2022-36062)

The vulnerability allows a remote user to escalate privileges on the system.

The vulnerability exists due to application does not properly impose security restrictions, which leads to security restrictions bypass and privilege escalation.

2) Authentication bypass using an alternate path or channel (CVE-ID: CVE-2022-35957)

The vulnerability allows a remote user to escalate privileges within the application.

The vulnerability exists due to the way Grafana handles authorization process when Auth proxy authentication is used. A remote user with admin privileges can authenticate as Server Admin by providing the username (or email) in a X-WEBAUTH-USER HTTP header.

Remediation

Install update from vendor's website.

References

• https://github.com/grafana/grafana/security/advisories/GHSA-p978-56hq-r492
• https://github.com/grafana/grafana/security/advisories/GHSA-ff5c-938w-8c9q
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WYU5C2RITLHVZSTCWNGQWA6KSPYNXM2H/