Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Grafana Improper Authentication Vulnerability - CVE-2018-15727 - Vulnerability Database
Grafana

Grafana Improper Authentication Vulnerability - CVE-2018-15727

Critical
Reference: CVE-2018-15727
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2018-15727
Title: Grafana Improper Authentication Vulnerability
Overview:

Grafana 2.x 3.x and 4.x before 4.6.4 and 5.x before 5.2.3 allows authentication bypass because an attacker can generate a valid quotremember mequot cookie knowing only a username of an LDAP or OAuth user.