CVE-2018-15727
The MITRE CVE dictionary describes this issue as:
Grafana 2.x, 3.x, and 4.x before 4.6.4 and 5.x before 5.2.3 allows authentication bypass because an attacker can generate a valid "remember me" cookie knowing only a username of an LDAP or OAuth user.
Find out more about CVE-2018-15727 from the MITRE CVE dictionary dictionary and NIST NVD.
CVSS v3 metrics
NOTE: The following CVSS v3 metrics and score provided are preliminary and subject to review.
| CVSS3 Base Score | 5.5 |
|---|---|
| CVSS3 Base Metrics | CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L |
| Attack Vector | Adjacent Network |
| Attack Complexity | Low |
| Privileges Required | Low |
| User Interaction | None |
| Scope | Unchanged |
| Confidentiality | Low |
| Integrity Impact | Low |
| Availability Impact | Low |
Affected Packages State
| Platform | Package | State |
|---|---|---|
| Red Hat OpenStack Platform Operational Tools 9 | grafana | Will not fix |
| Red Hat Gluster Storage 3 | grafana | Affected |
| Red Hat Enterprise Linux OpenStack Platform 8.0 Operational Tools for RHEL 7 | grafana | Will not fix |
| Red Hat Ceph Storage 3 | grafana | Affected |
| Red Hat Ceph Storage 2 | grafana | Affected |
Mitigation
As per upstream (https://grafana.com/blog/2018/08/29/grafana-5.2.3-and-4.6.4-released-with-important-security-fix)
* Switch to authentication mechanism other than LDAP or OAuth
* Grafana should be isolated from public networks
CVE description copyright © 2017, The MITRE Corporation