CVE-2021-27962

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2021-27962

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2021-27962.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2021-27962

Aliases

BIT-grafana-2021-27962

Downstream

SUSE-SU-2021:2660-1

SUSE-SU-2021:2673-1

SUSE-SU-2021:2675-1

SUSE-SU-2021:3907-1

SUSE-SU-2021:3908-1

openSUSE-SU-2021:1148-1

openSUSE-SU-2021:1162-1

openSUSE-SU-2021:2662-1

openSUSE-SU-2021:2675-1

openSUSE-SU-2024:10818-1

Related

Published

2021-03-22T14:15:14.023Z

Modified

2025-11-14T03:33:48.374552Z

Severity

7.1 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N CVSS Calculator

Summary

[none]

Details

Grafana Enterprise 7.2.x and 7.3.x before 7.3.10 and 7.4.x before 7.4.5 allows a dashboard editor to bypass a permission check concerning a data source they should not be able to access.

References

Affected packages

Git / github.com/grafana/grafana

Affected ranges

Type: GIT
Repo: https://github.com/grafana/grafana
Events: Introduced

efe4941ee38fb86062142a359640ede0abf66ac0

Fixed

43e9cd2a02a7bcb955d95e6d9e330a4795380777

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2021-27962.json"