Experiencing a Breach?
en
Platform
Why SentinelOne?
Services
Partners
Resources
About
en
Get a Demo
CVE-2022–39328 | SentinelOne

CVE-2022–39328: Grafana Releases New Versions for Recent Vulnerability

by Mansi B.

About the vulnerability

The Grafana is an open-source platform for observability and monitoring used to manage various tasks. Some of its older versions, which start with 9.2.0 and below 9.2.4, have a race condition in the authentication middleware logic that allows an unauthenticated user to query an administration endpoint under a heavy load. This issue is patched in 9.2.4. Updating to the patched version is the only solution, as there are no known workarounds.

According to the Grafana Security release,

“An internal security audit identified a race condition in the Grafana codebase, which allowed an unauthenticated user to query an arbitrary endpoint in Grafana. A race condition in the HTTP context creation could result in an HTTP request being assigned another call’s authentication/authorization middleware. Under heavy load, it is possible that a call protected by a privileged middleware receives the middleware of a public query instead. As a result, an unauthenticated user can successfully query protected endpoints. CVSS score for this vulnerability is 9.8 Critical.”

Later, the severity of this vulnerability was reduced to HIGH with an 8.1 CVSS Score.

Impact

Unauthenticated users can query endpoints with malicious intent.

Grafana Labs released a security advisory stating that this vulnerability allows attackers to bypass the authorization process on arbitrary service endpoints.

Remediation

Version 9.2.4 of Grafana was published as a fix.

How SentinelOne can help

SentinelOne supercharges your cloud security by identifying critical vulnerabilities, misconfigurations, and enforces strong access controls for containerized workloads. Singularity enables runtime detection, cloud VM and container scanning, and employs agentless vulnerability management to minimize attack surfaces and maximize protection.

SentinelOne’s advanced cloud security platform enables you to stay on top of the latest zero-day attacks and improve your security posture across multi-cloud & hybrid environments. Sign up for a personalized demo to learn more.

Like this article? Follow us on LinkedIn, Twitter, YouTube or Facebook to see the content we post.

Read more about Cyber Security

Read More

Get a demo

Defeat every attack, at every stage of the threat lifecycle with SentinelOne

Book a demo and see the world’s most advanced cybersecurity platform in action.

Get Demo

SentinelLabs

SentinelLabs: Threat Intel & Malware Analysis

We are hunters, reversers, exploit developers, & tinkerers shedding light on the vast world of malware, exploits, APTs, & cybercrime across all platforms.

VISIT SITE

Wizard Spider and Sandworm

MITRE Engenuity ATT&CK Evaluation Results

SentinelOne leads in the latest Evaluation with 100% prevention. Leading analytic coverage. Leading visibility. Zero detection delays.

SEE RESULTS