HTTP: Grafana Labs Grafana Plugin Directory Traversal

This signature detects attempts to exploit a known vulnerability against Grafana. A successful attack can lead to directory traversal and arbitrary code execution.

Extended Description

Grafana is an open-source platform for monitoring and observability. Grafana versions 8.0.0-beta1 through 8.3.0 (except for patched versions) are vulnerable to directory traversal, allowing access to local files. The vulnerable URL path is: `/public/plugins//`, where is the plugin ID for any installed plugin. At no time has Grafana Cloud been vulnerable. Users are advised to upgrade to patched versions 8.0.7, 8.1.8, 8.2.7, or 8.3.1. The GitHub Security Advisory contains more information about vulnerable URL paths, mitigation, and the disclosure timeline.

Affected Products

Grafana grafana

References

CVE: CVE-2021-43798

Short Name
HTTP:DIR:GRAFANA-PLUGIN-DIR-TRV
Severity
Minor
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
CVE-2021-43798 Directory Grafana Labs Plugin Traversal
Release Date
12/28/2021
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version
3451
False Positive
Unknown
Vendors

Grafana

CVSS Score

5.0
