CVE-2024-11741

Published Jan 31, 2025

Last updated a month ago

CVSS medium 4.3

Overview

Description
Grafana is an open-source platform for monitoring and observability. The Grafana Alerting VictorOps integration was not properly protected and could be exposed to users with Viewer permission. Fixed in versions 11.5.0, 11.4.1, 11.3.3,  11.2.6, 11.1.11, 11.0.11 and 10.4.15
Source
security@grafana.com
NVD status
Received

Risk scores

CVSS 3.1

Type
Secondary
Base score
4.3
Impact score
1.4
Exploitability score
2.8
Vector string
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Severity
MEDIUM

Weaknesses

security@grafana.com
CWE-200

Social media

Hype score
Not currently trending

  1. CVE-2024-11741 Grafana is an open-source platform for monitoring and observability. The Grafana Alerting VictorOps integration was not properly protected and could be exposed to us… https://t.co/e6ikeEGIAV

    @CVEnew

    31 Jan 2025

    296 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

References