{
  "threat_severity" : "Moderate",
  "public_date" : "2020-04-01T00:00:00Z",
  "bugzilla" : {
    "description" : "grafana: stored XSS",
    "id" : "1861044",
    "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1861044"
  },
  "cvss3" : {
    "cvss3_base_score" : "6.1",
    "cvss3_scoring_vector" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
    "status" : "verified"
  },
  "cwe" : "CWE-79",
  "details" : [ "Grafana through 6.7.1 allows stored XSS due to insufficient input protection in the originalUrl field, which allows an attacker to inject JavaScript code that will be executed after clicking on Open Original Dashboard after visiting the snapshot.", "A flaw was found in grafana.  The lack of URL sanitizing allows for stored XSS." ],
  "statement" : "Both OpenShift 3.11 and 4.x grafana-container's package a vulnerable version of grafana. However the grafana instance is set to read-only meaning that the potential XSS attack cannot be performed because the original url field cannot be modified. Access to the grafana panel is additionally behind OpenShift OAuth proxy and requires admin permissions.\nAs OpenShift still packages the vulnerable code, the components are affected but the impact is Low.",
  "affected_release" : [ {
    "product_name" : "Red Hat Enterprise Linux 8",
    "release_date" : "2020-11-04T00:00:00Z",
    "advisory" : "RHSA-2020:4682",
    "cpe" : "cpe:/a:redhat:enterprise_linux:8",
    "package" : "grafana-0:6.7.4-3.el8"
  }, {
    "product_name" : "Red Hat OpenShift Container Platform 4.6",
    "release_date" : "2020-10-27T00:00:00Z",
    "advisory" : "RHSA-2020:4298",
    "cpe" : "cpe:/a:redhat:openshift:4.6::el8",
    "package" : "openshift4/ose-grafana:v4.6.0-202010061132.p0",
    "impact" : "low"
  } ],
  "package_state" : [ {
    "product_name" : "OpenShift Service Mesh 1",
    "fix_state" : "Will not fix",
    "package_name" : "servicemesh-grafana",
    "cpe" : "cpe:/a:redhat:service_mesh:1"
  }, {
    "product_name" : "Red Hat Ceph Storage 2",
    "fix_state" : "Out of support scope",
    "package_name" : "grafana",
    "cpe" : "cpe:/a:redhat:ceph_storage:2"
  }, {
    "product_name" : "Red Hat Ceph Storage 3",
    "fix_state" : "Will not fix",
    "package_name" : "grafana",
    "cpe" : "cpe:/a:redhat:ceph_storage:3"
  }, {
    "product_name" : "Red Hat Ceph Storage 3",
    "fix_state" : "Will not fix",
    "package_name" : "grafana-container",
    "cpe" : "cpe:/a:redhat:ceph_storage:3"
  }, {
    "product_name" : "Red Hat Ceph Storage 4",
    "fix_state" : "Will not fix",
    "package_name" : "rhceph/rhceph-4-dashboard-rhel8",
    "cpe" : "cpe:/a:redhat:ceph_storage:4"
  }, {
    "product_name" : "Red Hat OpenShift Container Platform 3.11",
    "fix_state" : "Fix deferred",
    "package_name" : "openshift3/grafana",
    "cpe" : "cpe:/a:redhat:openshift:3.11",
    "impact" : "low"
  }, {
    "product_name" : "Red Hat Storage 3",
    "fix_state" : "Will not fix",
    "package_name" : "grafana",
    "cpe" : "cpe:/a:redhat:storage:3"
  } ],
  "references" : [ "https://www.cve.org/CVERecord?id=CVE-2020-11110\nhttps://nvd.nist.gov/vuln/detail/CVE-2020-11110" ],
  "name" : "CVE-2020-11110",
  "csaw" : false
}