VDB
BIT-grafana-2022-21673
BIT-grafana-2022-21673
PUBLISHED
CVSS 4.300000190734863 MEDIUM
OAuth Identity Token exposure in Grafana
Risk Scores
CVSS 3.1
4.300000190734863
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Bitnami | grafana | 7.2.0, 8.0.0, 7.2.0 |
Timeline
- Mar 6, 2024 CVE Published
- Oct 14, 2025 CVE Updated
References
- https://github.com/grafana/grafana/releases/tag/v7.5.13 url
- https://github.com/grafana/grafana/releases/tag/v8.3.4 url
- https://github.com/grafana/grafana/security/advisories/GHSA-8wjh-59cw-9xh4 url
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2PFW6Q2LXXWTFRTMTRN4ZGADFRQPKJ3D/ url
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/36GUEPA5TPSC57DZTPYPBL6T7UPQ2FRH/ url
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HLAQRRGNSO5MYCPAXGPH2OCSHOGHSQMQ/ url
- https://security.netapp.com/advisory/ntap-20220303-0004/ url
- https://nvd.nist.gov/vuln/detail/CVE-2022-21673 url