What is CVE-2022-32276?

CVE-2022-32276 is a vulnerability in N/a. Published 2022-06-17.

Is CVE-2022-32276 known to be exploited?

10 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in N/a

CVE-2022-32276

Grafana 8.4.3 allows unauthenticated access via (for example) a /dashboard/snapshot/*?orgId=0 URI. NOTE: the vendor considers this a UI bug, not a vulnerability

EPSS: 0.508 (97.9th percentile) — read the EPSS interpretation.

Affected products

N/a — versions n/a

Public proof-of-concept exploits

20142995/nuclei-templates
ARPSyndicate/cvemon
Bhanunamikaze/VaktScan
BrotherOfJhonny/grafana
Mr-xn/Penetration_
cyb3r-w0lf/nuclei-template-collection
kh4sh3i/Grafana-CVE
lions2012/Penetration_
vin01/bogus-cves
xuetusummer/Penetration_

References

github.com/BrotherOfJhonny/grafana/blob/main/README.md (x_refsource_MISC)
github.com/grafana/grafana/issues/50336 (x_refsource_MISC)

Frequently asked questions

What is CVE-2022-32276?: CVE-2022-32276 is a vulnerability in N/a. Published 2022-06-17.
Is CVE-2022-32276 known to be exploited?: 10 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.