{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-6152", "assignerOrgId": "57da9224-a3e2-4646-9d0e-c4dc2e05e7da", "state": "PUBLISHED", "assignerShortName": "GRAFANA", "dateReserved": "2023-11-15T12:44:28.824Z", "datePublished": "2024-02-13T21:38:01.404Z", "dateUpdated": "2025-02-15T00:10:28.890Z"}, "containers": {"cna": {"affected": [{"product": "Grafana", "vendor": "Grafana", "versions": [{"lessThan": "9.5.16", "status": "affected", "version": "2.5.0", "versionType": "semver"}, {"lessThan": "10.0.11", "status": "affected", "version": "10.0.0", "versionType": "semver"}, {"lessThan": "10.1.7", "status": "affected", "version": "10.1.0", "versionType": "semver"}, {"lessThan": "10.2.4", "status": "affected", "version": "10.2.0", "versionType": "semver"}, {"lessThan": "10.3.3", "status": "affected", "version": "10.3.0", "versionType": "semver"}]}, {"product": "Grafana Enterprise", "vendor": "Grafana", "versions": [{"lessThan": "9.5.16", "status": "affected", "version": "2.5.0", "versionType": "semver"}, {"lessThan": "10.0.11", "status": "affected", "version": "10.0.0", "versionType": "semver"}, {"lessThan": "10.1.7", "status": "affected", "version": "10.1.0", "versionType": "semver"}, {"lessThan": "10.2.4", "status": "affected", "version": "10.2.0", "versionType": "semver"}, {"lessThan": "10.3.3", "status": "affected", "version": "10.3.0", "versionType": "semver"}]}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<p>A user changing their email after signing up and verifying it can change it without verification in profile settings.</p><p>The configuration option \"verify_email_enabled\" will only validate email only on sign up.</p>"}], "value": "A user changing their email after signing up and verifying it can change it without verification in profile settings.\n\nThe configuration option \"verify_email_enabled\" will only validate email only on sign up.\n\n"}], "impacts": [{"capecId": "CAPEC-115", "descriptions": [{"lang": "en", "value": "CAPEC-115"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-863", "description": "CWE-863", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "57da9224-a3e2-4646-9d0e-c4dc2e05e7da", "shortName": "GRAFANA", "dateUpdated": "2024-02-13T21:38:01.404Z"}, "references": [{"url": "https://grafana.com/security/security-advisories/cve-2023-6152/"}, {"url": "https://github.com/grafana/bugbounty/security/advisories/GHSA-3hv4-r2fm-h27f"}]}, "adp": [{"title": "CVE Program Container", "references": [{"url": "https://grafana.com/security/security-advisories/cve-2023-6152/", "tags": ["x_transferred"]}, {"url": "https://github.com/grafana/bugbounty/security/advisories/GHSA-3hv4-r2fm-h27f", "tags": ["x_transferred"]}, {"url": "https://security.netapp.com/advisory/ntap-20250214-0008/"}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2025-02-15T00:10:28.890Z"}}, {"affected": [{"vendor": "grafana", "product": "grafana", "cpes": ["cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "2.5.0", "status": "affected", "lessThan": "9.5.16", "versionType": "custom"}, {"version": "10.0.0", "status": "affected", "lessThan": "10.0.11", "versionType": "custom"}, {"version": "10.10", "status": "affected", "lessThan": "10.1.7", "versionType": "custom"}, {"version": "10.2.0", "status": "affected", "lessThan": "10.2.4", "versionType": "custom"}, {"version": "10.3.0", "status": "affected", "lessThan": "10.3.3", "versionType": "custom"}]}, {"vendor": "grafana", "product": "grafana_enterprise", "cpes": ["cpe:2.3:a:grafana:grafana_enterprise:*:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "2.5.0", "status": "affected", "lessThan": "9.5.16", "versionType": "custom"}, {"version": "10.0.0", "status": "affected", "lessThan": "10.0.11", "versionType": "custom"}, {"version": "10.10", "status": "affected", "lessThan": "10.1.7", "versionType": "custom"}, {"version": "10.2.0", "status": "affected", "lessThan": "10.2.4", "versionType": "custom"}, {"version": "10.3.0", "status": "affected", "lessThan": "10.3.3", "versionType": "custom"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-08-22T15:42:45.786092Z", "id": "CVE-2023-6152", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-08-22T15:51:56.870Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://grafana.com/security/security-advisories/cve-2023-6152/", "tags": ["x_transferred"]}, {"url": "https://github.com/grafana/bugbounty/security/advisories/GHSA-3hv4-r2fm-h27f", "tags": ["x_transferred"]}, {"url": "https://security.netapp.com/advisory/ntap-20250214-0008/"}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2025-02-15T00:10:28.890Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-6152", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-08-22T15:42:45.786092Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*"], "vendor": "grafana", "product": "grafana", "versions": [{"status": "affected", "version": "2.5.0", "lessThan": "9.5.16", "versionType": "custom"}, {"status": "affected", "version": "10.0.0", "lessThan": "10.0.11", "versionType": "custom"}, {"status": "affected", "version": "10.10", "lessThan": "10.1.7", "versionType": "custom"}, {"status": "affected", "version": "10.2.0", "lessThan": "10.2.4", "versionType": "custom"}, {"status": "affected", "version": "10.3.0", "lessThan": "10.3.3", "versionType": "custom"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:a:grafana:grafana_enterprise:*:*:*:*:*:*:*:*"], "vendor": "grafana", "product": "grafana_enterprise", "versions": [{"status": "affected", "version": "2.5.0", "lessThan": "9.5.16", "versionType": "custom"}, {"status": "affected", "version": "10.0.0", "lessThan": "10.0.11", "versionType": "custom"}, {"status": "affected", "version": "10.10", "lessThan": "10.1.7", "versionType": "custom"}, {"status": "affected", "version": "10.2.0", "lessThan": "10.2.4", "versionType": "custom"}, {"status": "affected", "version": "10.3.0", "lessThan": "10.3.3", "versionType": "custom"}], "defaultStatus": "unknown"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-08-22T15:47:58.337Z"}}], "cna": {"impacts": [{"capecId": "CAPEC-115", "descriptions": [{"lang": "en", "value": "CAPEC-115"}]}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.4, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Grafana", "product": "Grafana", "versions": [{"status": "affected", "version": "2.5.0", "lessThan": "9.5.16", "versionType": "semver"}, {"status": "affected", "version": "10.0.0", "lessThan": "10.0.11", "versionType": "semver"}, {"status": "affected", "version": "10.1.0", "lessThan": "10.1.7", "versionType": "semver"}, {"status": "affected", "version": "10.2.0", "lessThan": "10.2.4", "versionType": "semver"}, {"status": "affected", "version": "10.3.0", "lessThan": "10.3.3", "versionType": "semver"}]}, {"vendor": "Grafana", "product": "Grafana Enterprise", "versions": [{"status": "affected", "version": "2.5.0", "lessThan": "9.5.16", "versionType": "semver"}, {"status": "affected", "version": "10.0.0", "lessThan": "10.0.11", "versionType": "semver"}, {"status": "affected", "version": "10.1.0", "lessThan": "10.1.7", "versionType": "semver"}, {"status": "affected", "version": "10.2.0", "lessThan": "10.2.4", "versionType": "semver"}, {"status": "affected", "version": "10.3.0", "lessThan": "10.3.3", "versionType": "semver"}]}], "references": [{"url": "https://grafana.com/security/security-advisories/cve-2023-6152/"}, {"url": "https://github.com/grafana/bugbounty/security/advisories/GHSA-3hv4-r2fm-h27f"}], "descriptions": [{"lang": "en", "value": "A user changing their email after signing up and verifying it can change it without verification in profile settings.\n\nThe configuration option \"verify_email_enabled\" will only validate email only on sign up.\n\n", "supportingMedia": [{"type": "text/html", "value": "<p>A user changing their email after signing up and verifying it can change it without verification in profile settings.</p><p>The configuration option \"verify_email_enabled\" will only validate email only on sign up.</p>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-863", "description": "CWE-863"}]}], "providerMetadata": {"orgId": "57da9224-a3e2-4646-9d0e-c4dc2e05e7da", "shortName": "GRAFANA", "dateUpdated": "2024-02-13T21:38:01.404Z"}}}, "cveMetadata": {"cveId": "CVE-2023-6152", "state": "PUBLISHED", "dateUpdated": "2025-02-15T00:10:28.890Z", "dateReserved": "2023-11-15T12:44:28.824Z", "assignerOrgId": "57da9224-a3e2-4646-9d0e-c4dc2e05e7da", "datePublished": "2024-02-13T21:38:01.404Z", "assignerShortName": "GRAFANA"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*", "matchCriteriaId": "F1B0912A-B5CC-42BE-93D4-0A501A0245FA", "versionEndIncluding": "2.5.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:grafana:grafana:10.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "CB81DBAE-551A-41FD-BFB5-325C9E0BCA10", "vulnerable": true}, {"criteria": "cpe:2.3:a:grafana:grafana:10.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "1A61A884-885C-4961-8263-682CC9EDBCE8", "vulnerable": true}, {"criteria": "cpe:2.3:a:grafana:grafana:10.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "EE8E4C18-557B-4CD0-9EE5-DC4B8D5F20BC", "vulnerable": true}, {"criteria": "cpe:2.3:a:grafana:grafana:10.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "9F6206EA-DB68-4409-A694-74F47D6879D4", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A user changing their email after signing up and verifying it can change it without verification in profile settings.\n\nThe configuration option \"verify_email_enabled\" will only validate email only on sign up.\n\n"}, {"lang": "es", "value": "Un usuario que cambia su correo electr\u00f3nico despu\u00e9s de registrarse y verificarlo puede cambiarlo sin verificaci\u00f3n en la configuraci\u00f3n del perfil. La opci\u00f3n de configuraci\u00f3n \"verify_email_enabled\" solo validar\u00e1 el correo electr\u00f3nico al registrarse."}], "id": "CVE-2023-6152", "lastModified": "2025-02-15T01:15:09.723", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 2.5, "source": "security@grafana.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 2.5, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2024-02-13T22:15:45.430", "references": [{"source": "security@grafana.com", "tags": ["Exploit", "Vendor Advisory"], "url": "https://github.com/grafana/bugbounty/security/advisories/GHSA-3hv4-r2fm-h27f"}, {"source": "security@grafana.com", "tags": ["Vendor Advisory"], "url": "https://grafana.com/security/security-advisories/cve-2023-6152/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Vendor Advisory"], "url": "https://github.com/grafana/bugbounty/security/advisories/GHSA-3hv4-r2fm-h27f"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://grafana.com/security/security-advisories/cve-2023-6152/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://security.netapp.com/advisory/ntap-20250214-0008/"}], "sourceIdentifier": "security@grafana.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-863"}], "source": "security@grafana.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-863"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"bugzilla": {"description": "grafana: email verification bypass", "id": "2262000", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2262000"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.4", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L", "status": "draft"}, "cwe": "CWE-302", "details": ["A user changing their email after signing up and verifying it can change it without verification in profile settings.\nThe configuration option \"verify_email_enabled\" will only validate email only on sign up.", "An authentication bypass vulnerability was found in the verify_email_enabled feature of Grafana. Even when enabled, this configuration option does not fully enforce email verification. This issue could allow a remote attacker that has authenticated with basic credentials to change the email address to use an unverified address. Successful exploitation could allow evasion of an organization's email domain filtering rules. An example of this is permitting a user in blocklisted countries or service providers to utilize a service."], "mitigation": {"lang": "en:us", "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."}, "name": "CVE-2023-6152", "package_state": [{"cpe": "cpe:/a:redhat:service_mesh:2.1", "fix_state": "Out of support scope", "package_name": "servicemesh-grafana", "product_name": "OpenShift Service Mesh 2.1"}, {"cpe": "cpe:/a:redhat:acm:2", "fix_state": "Not affected", "package_name": "rhacm2/acm-grafana-rhel8", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2"}, {"cpe": "cpe:/a:redhat:ceph_storage:3", "fix_state": "Out of support scope", "package_name": "grafana", "product_name": "Red Hat Ceph Storage 3"}, {"cpe": "cpe:/a:redhat:ceph_storage:4", "fix_state": "Out of support scope", "package_name": "rhceph/rhceph-4-dashboard-rhel8", "product_name": "Red Hat Ceph Storage 4"}, {"cpe": "cpe:/a:redhat:ceph_storage:5", "fix_state": "Affected", "package_name": "rhceph/rhceph-5-dashboard-rhel8", "product_name": "Red Hat Ceph Storage 5"}, {"cpe": "cpe:/a:redhat:ceph_storage:6", "fix_state": "Affected", "package_name": "rhceph/rhceph-6-dashboard-rhel9", "product_name": "Red Hat Ceph Storage 6"}, {"cpe": "cpe:/a:redhat:ceph_storage:7", "fix_state": "Affected", "package_name": "rhceph/grafana-rhel9", "product_name": "Red Hat Ceph Storage 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Will not fix", "package_name": "grafana", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Will not fix", "package_name": "grafana", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Not affected", "package_name": "openshift4/ose-grafana", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:storage:3", "fix_state": "Affected", "package_name": "grafana", "product_name": "Red Hat Storage 3"}], "public_date": "2024-02-14T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2023-6152\nhttps://nvd.nist.gov/vuln/detail/CVE-2023-6152\nhttps://go.grafana.com/MzU2LVlGRy0zODkAAAGQ-uA6C7nzuSa-sr-ExDECDtkQsqBtkIPyWCp7OfehAPZ64TOkmW-HiQcbNpcFuB_YOIOgltA=\nhttps://grafana.com/blog/2024/02/14/grafana-security-release-medium-severity-security-fix-for-cve-2023-6152/"], "statement": "Use of Grafana basic authentication and the verify_email_enabled feature are preconditions for this vulnerability to affect your system.", "threat_severity": "Moderate"}