CVE-2021-39226
Grafana Authentication Bypass Vulnerability
CVSS
—
Sin CVSS
EPSS
99.9%
p100
KEV
SÍ
25 ago 2022
Exploit Today
80
0-100
Publicado: — · Última mod.: —
99.9%EPSS · 30 días99.9%
2026-06-302026-07-16
Producto
Grafana Labs / Grafana
Vulnerabilidad
Grafana Authentication Bypass Vulnerability
Añadido a KEV
25 ago 2022
Remediar antes de
15 sept 2022
Uso conocido en ransomware
No
Descripción resumida
Grafana contains an authentication bypass vulnerability that allows authenticated and unauthenticated users to view and delete all snapshot data, potentially resulting in complete snapshot data loss.
Acción requerida
Apply updates per vendor instructions.
Notas
https://grafana.com/blog/2021/10/05/grafana-7.5.11-and-8.1.6-released-with-critical-security-fix/; https://nvd.nist.gov/vuln/detail/CVE-2021-39226
CVECVSSEPSSKEVRExplotTítuloVis.
CVE-2021-43798—99.8%
KEV—80Grafana Path Traversal Vulnerability—