CVE-2024-8118

In Grafana, the wrong permission is applied to the alert rule write API endpoint, allowing users with permission to write external alert instances to also write alert rules.
CVSS

No CVSS.

Configurations

No configuration.

History

30 Sep 2024, 12:46

Type Values Removed Values Added
Summary
  • (es) En Grafana, se aplica el permiso incorrecto al endpoint de la API de escritura de reglas de alerta, lo que permite que los usuarios con permiso para escribir instancias de alerta externas tambiĆ©n escriban reglas de alerta.

26 Sep 2024, 19:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-09-26 19:15

Updated : 2024-09-30 12:46


NVD link : CVE-2024-8118

Mitre link : CVE-2024-8118

CVE.ORG link : CVE-2024-8118


JSON object : View

Products Affected

No product.

CWE
CWE-653

Insufficient Compartmentalization