Grafana Incorrect Permission Assignment for Critical Resource Vulnerability - CVE-2021-27962 - Vulnerability Database

Grafana Incorrect Permission Assignment for Critical Resource Vulnerability - CVE-2021-27962

High

Reference: CVE-2021-27962

NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2021-27962

Title: Grafana Incorrect Permission Assignment for Critical Resource Vulnerability

Overview:

Grafana Enterprise 7.2.x and 7.3.x before 7.3.10 and 7.4.x before 7.4.5 allows a dashboard editor to bypass a permission check concerning a data source they should not be able to access.