DirectorySecurity AdvisoriesPricing
/
Sign in
Security Advisories

CVE-2024-1442

Published

Last updated

NVD

https://nvd.nist.gov/vuln/detail/CVE-2024-1442

Severity

8.8

High

CVSS V3

Description

A user with the permissions to create a data source can use Grafana API to create a data source with UID set to *. Doing this will grant the user access to read, query, edit and delete all data sources within the organization.

References

  • https://nvd.nist.gov/vuln/detail/CVE-2024-1442
  • https://github.com/advisories/GHSA-5mxf-42f5-j782
  • https://pkg.go.dev/vuln/GO-2024-2629
  • https://grafana.com/security/security-advisories/cve-2024-1442/
  • https://security.netapp.com/advisory/ntap-20241122-0007/

Affected packages

The trusted source for open source

Talk to an expert
© 2025 Chainguard. All Rights Reserved.
PrivacyTerms

Product

Chainguard ContainersChainguard LibrariesChainguard VMsIntegrationsPricing

Solutions

FedRAMPPCI DSSCMMC 2.0Golden ImagesCVE RemediationPublic Sector

Customers

Customer StoriesChainguard Reviews

Resources

Events & WebinarsSupply Chain Security 101Chainguard CoursesDocumentationTrust CenterChainguard Slack Community

Company

About UsBlogPartnersNewsroomCareersLegal