Get a demo
Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium
Grafana Improper Authentication Vulnerability - CVE-2018-15727 - Vulnerability Database
Grafana

Grafana Improper Authentication Vulnerability - CVE-2018-15727

Critical
Reference: CVE-2018-15727
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2018-15727
Title: Grafana Improper Authentication Vulnerability
Overview:

Grafana 2.x 3.x and 4.x before 4.6.4 and 5.x before 5.2.3 allows authentication bypass because an attacker can generate a valid quotremember mequot cookie knowing only a username of an LDAP or OAuth user.