Lucene search
Veracode Vulnerability DatabaseVERACODE:7382HistoryAug 30, 2018 - 5:17 a.m.
Authentication Bypass
2018-08-3005:17:12
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
7
0.014 Low
EPSS
Percentile
86.6%
github.com/grafana/grafana is vulnerable to authentication bypass. An attacker is able to generate a valid remember me cookie via the Login function with only the username of a user without a local Grafana password (LDAP & OAuth users) and gain access to the application.
| CPE | Name | Operator | Version |
|---|---|---|---|
| github.com/grafana/grafana | eq | HEAD | |
| github.com/grafana/grafana | le | 5.2.2 |
Related
prion
prion
Authentication flaw
2018-08-29 15:29:00
nvd
nvd
CVE-2018-15727
2018-08-29 15:29:00
CVE-2018-558213
2018-08-29 15:29:00
veracode
veracode
Authentication Bypass
2019-01-15 09:27:17
openvas
openvas
Grafana Authentication Bypass Vulnerability
2018-08-31 00:00:00
osv
osv
CVE-2018-15727
2018-08-29 15:29:00
Grafana Authentication Bypass
2022-02-15 01:57:18
redhat
redhat
(RHSA-2018:3829) Moderate: RHGS WA security and bug fix update
2018-12-17 04:49:19
(RHSA-2019:0019) Moderate: grafana security and bug fix update
2019-01-03 17:35:51
github
github
Grafana Authentication Bypass
2022-02-15 01:57:18
redhatcve
redhatcve
CVE-2018-15727
2018-08-30 22:18:55
cvelist
cvelist
CVE-2018-15727
2018-08-29 15:00:00
nessus
nessus
RHEL 7 : RHGS WA (RHSA-2018:3829)
2018-12-17 00:00:00
RHEL 7 : grafana (RHSA-2019:0019)
2019-01-07 00:00:00
cve
cve
CVE-2018-15727
2018-08-29 15:29:00
CVE-2018-558213
2022-10-03 16:21:57
ubuntucve
ubuntucve
CVE-2018-15727
2018-08-29 00:00:00