Privilege escalation in Grafana Labs Oss And Enterprise
CVE-2024-9476
A vulnerability in Grafana Labs Grafana OSS and Enterprise allows Privilege Escalation allows users to gain access to resources from other organizations within the same Grafana instance via the Grafana Cloud Migration Assistant.This vulner…
EPSS: 0.002 (11.5th percentile) — read the EPSS interpretation.
Affected products
- Grafana Labs Oss And Enterprise — versions 11.3.0, 11.2.0
Weakness classification (CWE)
Public proof-of-concept exploits
References
- security@grafana.com (vendor-advisory)
- security@grafana.com
Frequently asked questions
- What is CVE-2024-9476?
- CVE-2024-9476 is a vulnerability in Grafana Labs Oss And Enterprise, classified under Incorrect Privilege Assignment. Published 2024-11-13.
- Is CVE-2024-9476 known to be exploited?
- 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.