CVE & CISA-KEV Catalog

CVE-2022-31107

HIGHEPSS 79th pctl
7.1
CVSS v3
NVD

Description

Grafana is an open-source platform for monitoring and observability. In versions 5.3 until 9.0.3, 8.5.9, 8.4.10, and 8.3.10, it is possible for a malicious user who has authorization to log into a Grafana instance via a configured OAuth IdP which provides a login name to take over the account of another user in that Grafana instance. This can occur when the malicious user is authorized to log in to Grafana via OAuth, the malicious user's external user id is not already associated with an account in Grafana, the malicious user's email address is not already associated with an account in Grafana, and the malicious user knows the Grafana username of the target user. If these conditions are met, the malicious user can set their username in the OAuth provider to that of the target user, then go through the OAuth flow to log in to Grafana. Due to the way that external and internal user accounts are linked together during login, if the conditions above are all met then the malicious user will be able to log in to the target user's Grafana account. Versions 9.0.3, 8.5.9, 8.4.10, and 8.3.10 contain a patch for this issue. As a workaround, concerned users can disable OAuth login to their Grafana instance, or ensure that all users authorized to log in via OAuth have a corresponding user account in Grafana linked to their email address.

How to fix

Remediation Available
rhceph/keepalivedRed Hat / RHEL
Fixed in:rhel9@sha256:b21d882fd2d08d6f162dbb63e0626d9d6aa892a677c5a28edc97b84feef1655a_amd64RHSA-2023:3642
Fixed in:rhel9@sha256:2ae4274163155d880cbd41d1a197d6856f326501a50e028ff3de9ff8a85b3e97_s390xRHSA-2023:3642
Fixed in:rhel9@sha256:36abd2b22ebabea813c5afde35b0b80a200056f811267e89f0270da9155b1a22_ppc64leRHSA-2023:3642
rhceph/keepalivedRocky
Fixed in:rhel9@sha256:2ae4274163155d880cbd41d1a197d6856f326501a50e028ff3de9ff8a85b3e97_s390xRHSA-2023:3642
Fixed in:rhel9@sha256:36abd2b22ebabea813c5afde35b0b80a200056f811267e89f0270da9155b1a22_ppc64leRHSA-2023:3642
Fixed in:rhel9@sha256:b21d882fd2d08d6f162dbb63e0626d9d6aa892a677c5a28edc97b84feef1655a_amd64RHSA-2023:3642
rhceph/rhcephRocky
Fixed in:promtail-rhel9@sha256:f52fd8d5fbfdcc202c5e31096119377a8b87f9efd31602398d45cec86ec35940_ppc64leRHSA-2023:3642
Fixed in:promtail-rhel9@sha256:b46c0196fab3bd3a60b64a1d7ff8af6fbc7c3e526618da1cc78032bffa3be171_amd64RHSA-2023:3642
Fixed in:6-rhel9@sha256:953630d9f9924f17ab7ce168772c3facbaf6866b79a1cf0fb9aee1dcf6eb8c7d_amd64RHSA-2023:3642
Fixed in:haproxy-rhel9@sha256:720b3207087d4feb8ab59ffd0b70d6bc22fa21d53b62393779dfaf8972a32e60_amd64RHSA-2023:3642
Fixed in:6-rhel9@sha256:9b477366f861df49b533d95941b9770b032827bb4a259c5f86abce8705960c05_ppc64leRHSA-2023:3642
Fixed in:haproxy-rhel9@sha256:8cc4a146d7be5046b416fe9c04d77b4f0a25a2ab7180fdbf8c46cff8e2483080_ppc64leRHSA-2023:3642
Fixed in:promtail-rhel9@sha256:44697ad0d15d1f37b98243f5f013cb9271d70e2b10ab52093a1d7e3409a674b2_s390xRHSA-2023:3642
Fixed in:6-rhel9@sha256:72bd6eb932a368af10d5c607d8b60e0fe8b87862f4adaa17fd022a3427a46ca8_s390xRHSA-2023:3642
Fixed in:haproxy-rhel9@sha256:e4da2c9d53159d43c6795151eb3c9dea373da19b34d76094b60e7a2466415d62_s390xRHSA-2023:3642
rhceph/rhcephRed Hat / RHEL
Fixed in:promtail-rhel9@sha256:b46c0196fab3bd3a60b64a1d7ff8af6fbc7c3e526618da1cc78032bffa3be171_amd64RHSA-2023:3642
Fixed in:6-rhel9@sha256:953630d9f9924f17ab7ce168772c3facbaf6866b79a1cf0fb9aee1dcf6eb8c7d_amd64RHSA-2023:3642
Fixed in:haproxy-rhel9@sha256:720b3207087d4feb8ab59ffd0b70d6bc22fa21d53b62393779dfaf8972a32e60_amd64RHSA-2023:3642
Fixed in:promtail-rhel9@sha256:f52fd8d5fbfdcc202c5e31096119377a8b87f9efd31602398d45cec86ec35940_ppc64leRHSA-2023:3642
Fixed in:6-rhel9@sha256:9b477366f861df49b533d95941b9770b032827bb4a259c5f86abce8705960c05_ppc64leRHSA-2023:3642
Fixed in:haproxy-rhel9@sha256:8cc4a146d7be5046b416fe9c04d77b4f0a25a2ab7180fdbf8c46cff8e2483080_ppc64leRHSA-2023:3642
Fixed in:promtail-rhel9@sha256:44697ad0d15d1f37b98243f5f013cb9271d70e2b10ab52093a1d7e3409a674b2_s390xRHSA-2023:3642
Fixed in:6-rhel9@sha256:72bd6eb932a368af10d5c607d8b60e0fe8b87862f4adaa17fd022a3427a46ca8_s390xRHSA-2023:3642
Fixed in:haproxy-rhel9@sha256:e4da2c9d53159d43c6795151eb3c9dea373da19b34d76094b60e7a2466415d62_s390xRHSA-2023:3642
rhceph/rhceph-6Red Hat / RHEL
Fixed in:dashboard-rhel9@sha256:50329da263e8ef00c47632156761621bac30fead5e574ef23cd1d30b7af0019a_ppc64leRHSA-2023:3642
Fixed in:dashboard-rhel9@sha256:3fb7480f9d68333e168eae0c9fbeceb0df7962a40c25ecced81ea4c4959b2c25_s390xRHSA-2023:3642
Fixed in:dashboard-rhel9@sha256:1d7ca201b778e6a6cb559129e240233b6b6461399c67f979c07d5fe288c400f6_amd64RHSA-2023:3642
rhceph/rhceph-6Rocky
Fixed in:dashboard-rhel9@sha256:1d7ca201b778e6a6cb559129e240233b6b6461399c67f979c07d5fe288c400f6_amd64RHSA-2023:3642
Fixed in:dashboard-rhel9@sha256:3fb7480f9d68333e168eae0c9fbeceb0df7962a40c25ecced81ea4c4959b2c25_s390xRHSA-2023:3642
Fixed in:dashboard-rhel9@sha256:50329da263e8ef00c47632156761621bac30fead5e574ef23cd1d30b7af0019a_ppc64leRHSA-2023:3642
rhceph/snmpRocky
Fixed in:notifier-rhel9@sha256:df7c89608fe8352d445efcc1017521b35878cfe61a8b9fd91fab24c00786b2bf_s390xRHSA-2023:3642
Fixed in:notifier-rhel9@sha256:8887234fbbaddf620eaa7b0f4b1ed6ab8aa5bc52e019e67179554ccd03fba676_ppc64leRHSA-2023:3642
Fixed in:notifier-rhel9@sha256:9078b49846d8ec681bec5b96f0d4087b4c66bdc6baf4701cfc9c8e8aeae89661_amd64RHSA-2023:3642
rhceph/snmpRed Hat / RHEL
Fixed in:notifier-rhel9@sha256:df7c89608fe8352d445efcc1017521b35878cfe61a8b9fd91fab24c00786b2bf_s390xRHSA-2023:3642
Fixed in:notifier-rhel9@sha256:9078b49846d8ec681bec5b96f0d4087b4c66bdc6baf4701cfc9c8e8aeae89661_amd64RHSA-2023:3642
Fixed in:notifier-rhel9@sha256:8887234fbbaddf620eaa7b0f4b1ed6ab8aa5bc52e019e67179554ccd03fba676_ppc64leRHSA-2023:3642
GrafanaEnterpriseWindows application
Affected:9.0.0 9.0.3Fixed in:9.0.3Grafana Labs
Affected:5.3.0 8.3.10Fixed in:8.3.10Grafana Labs
Affected:8.4.0 8.4.10Fixed in:8.4.10Grafana Labs
Affected:8.5.0 8.5.9Fixed in:8.5.9Grafana Labs
GrafanaOSSWindows application
Affected:8.5.0 8.5.9Fixed in:8.5.9Grafana Labs
Affected:9.0.0 9.0.3Fixed in:9.0.3Grafana Labs
Affected:8.4.0 8.4.10Fixed in:8.4.10Grafana Labs
Affected:5.3.0 8.3.10Fixed in:8.3.10Grafana Labs

Remediation is compiled from vendor and distribution security advisories. Always confirm against the linked source for your exact version and platform.

CVSS v3 Vector

Exploitability

Attack VectorNetwork
Attack ComplexityHigh
Privileges RequiredLow
User InteractionNone
ScopeUnchanged

Impact

ConfidentialityHigh
IntegrityHigh
AvailabilityLow

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:L

Exploit Intelligence

2.04%probability of exploitation in 30 days
79thpercentile

Elevated risk: more likely to be exploited than 79% of all known CVEs.

References

Related Vulnerabilities

Other CWE-863 (Incorrect Authorization) vulnerabilities, ordered by exploit likelihood. View all

CVESeverityCVSSEPSSExploitedFix
CVE-2023-22518Critical9.8100%KEV + RansomFix
CVE-2023-38035Critical9.8100%KEV + Ransom-
CVE-2022-46169Critical9.8100%KEVFix
CVE-2025-29927Critical9.1100%-Fix
CVE-2024-38856Critical9.899%KEVFix
CVE-2020-36289Medium5.399%-Fix
Embed a live status badge for CVE-2022-31107
CVE-2022-31107 severity badge

Markdown

[![CVE-2022-31107](https://tridentstack.com/cve/badge/CVE-2022-31107.svg)](https://tridentstack.com/cve/CVE-2022-31107)

HTML

<a href="https://tridentstack.com/cve/CVE-2022-31107"><img src="https://tridentstack.com/cve/badge/CVE-2022-31107.svg" alt="CVE-2022-31107"></a>

Find and fix vulnerabilities across your fleet

TridentStack Control continuously scans your Windows, macOS, and Linux fleet for known vulnerabilities, prioritizes them by severity and active exploitation, and patches them automatically.

Start free

This product uses NVD data but is not endorsed or certified by the NVD. EPSS scores courtesy of FIRST.org (https://www.first.org/epss). Source: CISA KEV Catalog. Data as of 2024-11-21.