In Grafana, the wrong permission is applied to the alert rule write API endpoint, allowing users with permission to write external alert instances to also write alert rules.
CVSS
No CVSS.
References
Configurations
No configuration.
History
30 Sep 2024, 12:46
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
26 Sep 2024, 19:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-09-26 19:15
Updated : 2024-09-30 12:46
NVD link : CVE-2024-8118
Mitre link : CVE-2024-8118
CVE.ORG link : CVE-2024-8118
JSON object : View
Products Affected
No product.
CWE
CWE-653
Insufficient Compartmentalization