{
  "threat_severity" : "Moderate",
  "public_date" : "2023-04-12T00:00:00Z",
  "bugzilla" : {
    "description" : "grafana: JWT token leak to data source",
    "id" : "2186322",
    "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2186322"
  },
  "cvss3" : {
    "cvss3_base_score" : "7.5",
    "cvss3_scoring_vector" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
    "status" : "verified"
  },
  "cwe" : "CWE-200",
  "details" : [ "Grafana is an open-source platform for monitoring and observability. \nStarting with the 9.1 branch, Grafana introduced the ability to search for a JWT in the URL query parameter auth_token and use it as the authentication token. \nBy enabling the \"url_login\" configuration option (disabled by default), a JWT might be sent to data sources. If an attacker has access to the data source, the leaked token could be used to authenticate to Grafana.", "A flaw was found in Grafana. When the \"url_login\" configuration option is enabled, a JWT supplied in the auth_token URL query parameter can be forwarded to a configured data source. A remote attacker who can observe requests arriving at that data source can capture the leaked token and use it to authenticate to Grafana, enabling further attacks against the affected system. Deployments that keep \"url_login\" at its default (disabled) setting do not forward the token and are not exposed to this leak." ],
  "acknowledgement" : "Upstream acknowledges Grafana Security Team as the original reporter.",
  "affected_release" : [ {
    "product_name" : "Red Hat Ceph Storage 5.3",
    "release_date" : "2024-02-08T00:00:00Z",
    "advisory" : "RHSA-2024:0746",
    "cpe" : "cpe:/a:redhat:ceph_storage:5.3::el8",
    "package" : "rhceph/rhceph-5-dashboard-rhel8:5-83"
  }, {
    "product_name" : "Red Hat Ceph Storage 6.1",
    "release_date" : "2023-12-12T00:00:00Z",
    "advisory" : "RHSA-2023:7741",
    "cpe" : "cpe:/a:redhat:ceph_storage:6.1::el9",
    "package" : "rhceph/rhceph-6-dashboard-rhel9:6-82"
  } ],
  "package_state" : [ {
    "product_name" : "OpenShift Service Mesh 2.1",
    "fix_state" : "Affected",
    "package_name" : "servicemesh-grafana",
    "cpe" : "cpe:/a:redhat:service_mesh:2.1"
  }, {
    "product_name" : "Red Hat Advanced Cluster Management for Kubernetes 2",
    "fix_state" : "Not affected",
    "package_name" : "rhacm2/acm-grafana-rhel8",
    "cpe" : "cpe:/a:redhat:acm:2"
  }, {
    "product_name" : "Red Hat Ceph Storage 3",
    "fix_state" : "Out of support scope",
    "package_name" : "grafana",
    "cpe" : "cpe:/a:redhat:ceph_storage:3"
  }, {
    "product_name" : "Red Hat Ceph Storage 4",
    "fix_state" : "Affected",
    "package_name" : "rhceph/rhceph-4-dashboard-rhel8",
    "cpe" : "cpe:/a:redhat:ceph_storage:4"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8",
    "fix_state" : "Will not fix",
    "package_name" : "grafana",
    "cpe" : "cpe:/o:redhat:enterprise_linux:8"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9",
    "fix_state" : "Will not fix",
    "package_name" : "grafana",
    "cpe" : "cpe:/o:redhat:enterprise_linux:9"
  }, {
    "product_name" : "Red Hat OpenShift Container Platform 4",
    "fix_state" : "Will not fix",
    "package_name" : "openshift4/ose-grafana",
    "cpe" : "cpe:/a:redhat:openshift:4"
  }, {
    "product_name" : "Red Hat Storage 3",
    "fix_state" : "Will not fix",
    "package_name" : "grafana",
    "cpe" : "cpe:/a:redhat:storage:3"
  } ],
  "references" : [ "https://www.cve.org/CVERecord?id=CVE-2023-1387\nhttps://nvd.nist.gov/vuln/detail/CVE-2023-1387\nhttps://grafana.com/blog/2023/04/26/grafana-security-release-new-versions-of-grafana-with-security-fixes-for-cve-2023-28119-and-cve-2023-1387/\nhttps://grafana.com/security/security-advisories/cve-2023-1387/" ],
  "name" : "CVE-2023-1387",
  "csaw" : false
}