Grafana is an open-source platform for monitoring and observability. Starting with the 9.1 branch, Grafana introduced the ability to search for a JWT in the URL query parameter auth_token and use it as the authentication token. By enabling the "url_login" configuration option (disabled by default), a JWT might be sent to data sources. If an attacker has access to the data source, the leaked token could be used to authenticate to Grafana.
rhceph/keepalived Red Hat / RHEL
Fixed in: rhel8@sha256:a3271d3fe7f918a59f96c32fde709b66c9dc5f6d482b5881ca5322a3d701de58_ppc64le RHSA-2024:0746 Fixed in: rhel9@sha256:e12cb06f04ac2870d5c387612f4aab65438c4b8044337ab8c55e924dc273ee6b_ppc64le RHSA-2023:7741 Fixed in: rhel8@sha256:6a75187c09c4c29565a936b67314d37fa34cabe0902e5a70deea731ddcee59a2_s390x RHSA-2024:0746 Fixed in: rhel9@sha256:49e943d69210eb9f4218272f64cc2b9a100bb52416784c417b241c7dcd0eeb23_amd64 RHSA-2023:7741 Fixed in: rhel9@sha256:561fba3667ff302316ecef3dc7a80202ec5b854b347e4cbc5d2d4a2ad4419ed3_s390x RHSA-2023:7741 Fixed in: rhel8@sha256:e39e1ff87d78a154a98bc60f4002ced54758aa1cbbe1a03d57b3141e046eecad_amd64 RHSA-2024:0746 rhceph/keepalived Rocky
Fixed in: rhel9@sha256:561fba3667ff302316ecef3dc7a80202ec5b854b347e4cbc5d2d4a2ad4419ed3_s390x RHSA-2023:7741 Fixed in: rhel8@sha256:e39e1ff87d78a154a98bc60f4002ced54758aa1cbbe1a03d57b3141e046eecad_amd64 RHSA-2024:0746 Fixed in: rhel9@sha256:e12cb06f04ac2870d5c387612f4aab65438c4b8044337ab8c55e924dc273ee6b_ppc64le RHSA-2023:7741 Fixed in: rhel9@sha256:49e943d69210eb9f4218272f64cc2b9a100bb52416784c417b241c7dcd0eeb23_amd64 RHSA-2023:7741 Fixed in: rhel8@sha256:6a75187c09c4c29565a936b67314d37fa34cabe0902e5a70deea731ddcee59a2_s390x RHSA-2024:0746 Fixed in: rhel8@sha256:a3271d3fe7f918a59f96c32fde709b66c9dc5f6d482b5881ca5322a3d701de58_ppc64le RHSA-2024:0746 rhceph/rhceph Red Hat / RHEL
Fixed in: 5-rhel8@sha256:51d3d740a3b063e07a6054142d28bb512af3772201c2233f8e14be5e3d4f6f05_s390x RHSA-2024:0746 Fixed in: 5-rhel8@sha256:e0d758ac81cdc23c8a03ebc7832158ffe53a8cab9b2f5f18dfac0bc0147b0f6f_amd64 RHSA-2024:0746 Fixed in: haproxy-rhel8@sha256:04682c5e2b75cebaf5bd57c9f2c9375361869aa3b7e2e8795a548b7f872327db_amd64 RHSA-2024:0746 Fixed in: 5-rhel8@sha256:10f9c1198dda12709ad7d67f9cb270370eca4f882ef00f40586d5b0acbc8190b_ppc64le RHSA-2024:0746 Fixed in: haproxy-rhel8@sha256:663c2136462c821cafff78ebe1fd993308834358b1241eb7a8c1c440e3057935_ppc64le RHSA-2024:0746 Fixed in: haproxy-rhel8@sha256:88f02f1bba0d7698a1848ad011c418bdaaa97b9095f5d5d5b7fdda48869c87a2_s390x RHSA-2024:0746 Fixed in: promtail-rhel9@sha256:93b546b7d97fd7fdaf9aef486218350817697a6237cbc3ff512eef40ef772a3a_s390x RHSA-2023:7741 Fixed in: 6-rhel9@sha256:f3eb950ff155132b8d113853d05a917a4e949fa80156bbbdda8e61a5a7d18799_s390x RHSA-2023:7741 Fixed in: haproxy-rhel9@sha256:6f6ed4e34b8450b5af74cab6bab790013006269cb997883fc50f5c20c1f5dd8d_s390x RHSA-2023:7741 Fixed in: promtail-rhel9@sha256:d6233ee14663867808ca616c9327278af99e0439f0781b548be35e6ab5777de2_amd64 RHSA-2023:7741 Fixed in: 6-rhel9@sha256:0809ac10fd225656d8fec0002f71c41f7a07d9c5be0c0affd5740cdae43efcf8_amd64 RHSA-2023:7741 Fixed in: haproxy-rhel9@sha256:04e7e7a046da793f667daa0d1eb8dc90ea984dcd1bdefc8a7b96441a6251b280_amd64 RHSA-2023:7741 Fixed in: promtail-rhel9@sha256:9276234cb0599b75d0adc88c7b1882ff3da6742306a30f26dade3f9bde06ec7e_ppc64le RHSA-2023:7741 Fixed in: 6-rhel9@sha256:6c58ed8e6779027d62bca2dab2de0336ee630257dc903c0ff8069ec986395f47_ppc64le RHSA-2023:7741 Fixed in: haproxy-rhel9@sha256:fd567a237640c49c3cb5d392aa995069eb6d7398bffb2fe982f57563b640d630_ppc64le RHSA-2023:7741 rhceph/rhceph Rocky
Fixed in: 5-rhel8@sha256:e0d758ac81cdc23c8a03ebc7832158ffe53a8cab9b2f5f18dfac0bc0147b0f6f_amd64 RHSA-2024:0746 Fixed in: haproxy-rhel8@sha256:04682c5e2b75cebaf5bd57c9f2c9375361869aa3b7e2e8795a548b7f872327db_amd64 RHSA-2024:0746 Fixed in: 5-rhel8@sha256:10f9c1198dda12709ad7d67f9cb270370eca4f882ef00f40586d5b0acbc8190b_ppc64le RHSA-2024:0746 Fixed in: haproxy-rhel8@sha256:663c2136462c821cafff78ebe1fd993308834358b1241eb7a8c1c440e3057935_ppc64le RHSA-2024:0746 Fixed in: 5-rhel8@sha256:51d3d740a3b063e07a6054142d28bb512af3772201c2233f8e14be5e3d4f6f05_s390x RHSA-2024:0746 Fixed in: haproxy-rhel8@sha256:88f02f1bba0d7698a1848ad011c418bdaaa97b9095f5d5d5b7fdda48869c87a2_s390x RHSA-2024:0746 Fixed in: promtail-rhel9@sha256:93b546b7d97fd7fdaf9aef486218350817697a6237cbc3ff512eef40ef772a3a_s390x RHSA-2023:7741 Fixed in: 6-rhel9@sha256:f3eb950ff155132b8d113853d05a917a4e949fa80156bbbdda8e61a5a7d18799_s390x RHSA-2023:7741 Fixed in: haproxy-rhel9@sha256:6f6ed4e34b8450b5af74cab6bab790013006269cb997883fc50f5c20c1f5dd8d_s390x RHSA-2023:7741 Fixed in: promtail-rhel9@sha256:d6233ee14663867808ca616c9327278af99e0439f0781b548be35e6ab5777de2_amd64 RHSA-2023:7741 Fixed in: 6-rhel9@sha256:0809ac10fd225656d8fec0002f71c41f7a07d9c5be0c0affd5740cdae43efcf8_amd64 RHSA-2023:7741 Fixed in: haproxy-rhel9@sha256:04e7e7a046da793f667daa0d1eb8dc90ea984dcd1bdefc8a7b96441a6251b280_amd64 RHSA-2023:7741 Fixed in: promtail-rhel9@sha256:9276234cb0599b75d0adc88c7b1882ff3da6742306a30f26dade3f9bde06ec7e_ppc64le RHSA-2023:7741 Fixed in: 6-rhel9@sha256:6c58ed8e6779027d62bca2dab2de0336ee630257dc903c0ff8069ec986395f47_ppc64le RHSA-2023:7741 Fixed in: haproxy-rhel9@sha256:fd567a237640c49c3cb5d392aa995069eb6d7398bffb2fe982f57563b640d630_ppc64le RHSA-2023:7741 rhceph/rhceph-5 Red Hat / RHEL
Fixed in: dashboard-rhel8@sha256:cbcf2ca9ef81e45796ece23783c282d0313d4a6813a086122466af3f0d3b6088_s390x RHSA-2024:0746 Fixed in: dashboard-rhel8@sha256:5eeace779a37893bfe8f526be9dcfbcf6131af8009cc09d8c04c6a30adf23832_amd64 RHSA-2024:0746 Fixed in: dashboard-rhel8@sha256:6862d889c99ed5652b877660533056d539918e3362a25fea0fb53abe7de23a32_ppc64le RHSA-2024:0746 rhceph/rhceph-5 Rocky
Fixed in: dashboard-rhel8@sha256:6862d889c99ed5652b877660533056d539918e3362a25fea0fb53abe7de23a32_ppc64le RHSA-2024:0746 Fixed in: dashboard-rhel8@sha256:cbcf2ca9ef81e45796ece23783c282d0313d4a6813a086122466af3f0d3b6088_s390x RHSA-2024:0746 Fixed in: dashboard-rhel8@sha256:5eeace779a37893bfe8f526be9dcfbcf6131af8009cc09d8c04c6a30adf23832_amd64 RHSA-2024:0746 rhceph/rhceph-6 Red Hat / RHEL
Fixed in: dashboard-rhel9@sha256:ba574717bd9890dcf1677c9b56d45a2047bb1f6a72a0bb5b8e38c6f3f2db4884_amd64 RHSA-2023:7741 Fixed in: dashboard-rhel9@sha256:72ebf29aa3a85cf49949379958744a699e1f572f79abf75e7cb8094ceecf074e_ppc64le RHSA-2023:7741 Fixed in: dashboard-rhel9@sha256:4dc1e2ace5946178fae29c87e2f86467594833e27ddfef8a005273eb9a1bee45_s390x RHSA-2023:7741 rhceph/rhceph-6 Rocky
Fixed in: dashboard-rhel9@sha256:72ebf29aa3a85cf49949379958744a699e1f572f79abf75e7cb8094ceecf074e_ppc64le RHSA-2023:7741 Fixed in: dashboard-rhel9@sha256:ba574717bd9890dcf1677c9b56d45a2047bb1f6a72a0bb5b8e38c6f3f2db4884_amd64 RHSA-2023:7741 Fixed in: dashboard-rhel9@sha256:4dc1e2ace5946178fae29c87e2f86467594833e27ddfef8a005273eb9a1bee45_s390x RHSA-2023:7741 rhceph/snmp Red Hat / RHEL
Fixed in: notifier-rhel8@sha256:ab41dff414825b28512047407bb4bdf7bfa67c02f783c2469712f54a24a5d167_ppc64le RHSA-2024:0746 Fixed in: notifier-rhel8@sha256:d7334b7d095562b8fd7d93b17bc5a9f4b2788ed553148bb8bad9ab0a2bba0be9_amd64 RHSA-2024:0746 Fixed in: notifier-rhel9@sha256:39e1eb86a6cc6eaa31018a13f86bbb676ec26250d5daf116e3be6d6d194bfe42_ppc64le RHSA-2023:7741 Fixed in: notifier-rhel9@sha256:a47193626427bfe8f686c9f591248d082271c0d20aed96aa268bf7a03b9123d8_s390x RHSA-2023:7741 Fixed in: notifier-rhel8@sha256:031ef712e4211d539514d5c5ce447515f5711af4e6b679e758352942b8b2d709_s390x RHSA-2024:0746 Fixed in: notifier-rhel9@sha256:ca759591794df7f94b67bf798d7d27dd6d2b45d49b8ef8511e2bf51f78672d7e_amd64 RHSA-2023:7741 rhceph/snmp Rocky
Fixed in: notifier-rhel9@sha256:ca759591794df7f94b67bf798d7d27dd6d2b45d49b8ef8511e2bf51f78672d7e_amd64 RHSA-2023:7741 Fixed in: notifier-rhel8@sha256:031ef712e4211d539514d5c5ce447515f5711af4e6b679e758352942b8b2d709_s390x RHSA-2024:0746 Fixed in: notifier-rhel9@sha256:39e1eb86a6cc6eaa31018a13f86bbb676ec26250d5daf116e3be6d6d194bfe42_ppc64le RHSA-2023:7741 Fixed in: notifier-rhel8@sha256:d7334b7d095562b8fd7d93b17bc5a9f4b2788ed553148bb8bad9ab0a2bba0be9_amd64 RHSA-2024:0746 Fixed in: notifier-rhel8@sha256:ab41dff414825b28512047407bb4bdf7bfa67c02f783c2469712f54a24a5d167_ppc64le RHSA-2024:0746 Fixed in: notifier-rhel9@sha256:a47193626427bfe8f686c9f591248d082271c0d20aed96aa268bf7a03b9123d8_s390x RHSA-2023:7741 GrafanaEnterprise Windows application
GrafanaOSS Windows application
Remediation is compiled from vendor and distribution security advisories. Always confirm against the linked source for your exact version and platform.
Exploitability
Attack Vector Network
Attack Complexity High
Privileges Required High
User Interaction Required
Scope Unchanged
Impact
Confidentiality High
Integrity None
Availability None
CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:N/A:N
1.50% probability of exploitation in 30 days
71st percentile
Elevated risk: more likely to be exploited than 71% of all known CVEs.
Other CWE-200 (Information Exposure) vulnerabilities, ordered by exploit likelihood. View all
Embed a live status badge for CVE-2023-1387 Markdown
[](https://tridentstack.com/cve/CVE-2023-1387)HTML
<a href="https://tridentstack.com/cve/CVE-2023-1387"><img src="https://tridentstack.com/cve/badge/CVE-2023-1387.svg" alt="CVE-2023-1387"></a>Find and fix vulnerabilities across your fleet TridentStack Control continuously scans your Windows, macOS, and Linux fleet for known vulnerabilities, prioritizes them by severity and active exploitation, and patches them automatically.
Start free This product uses NVD data but is not endorsed or certified by the NVD. EPSS scores courtesy of FIRST.org (https://www.first.org/epss). Source: CISA KEV Catalog. Data as of 2025-02-13.