[ASA-202112-11] grafana: directory traversal
Arch Linux Security Advisory ASA-202112-11
==========================================

Severity: High
Date    : 2021-12-11
CVE-ID  : CVE-2021-43798 CVE-2021-43813 CVE-2021-43815
Package : grafana
Type    : directory traversal
Remote  : Yes
Link    : https://security.archlinux.org/AVG-2609

Summary
=======

The package grafana before version 8.3.1-1 is vulnerable to directory
traversal.

Resolution
==========

Upgrade to 8.3.1-1.

# pacman -Syu "grafana>=8.3.1-1"

The problems have been fixed upstream in version 8.3.1.

Workaround
==========

None.

Description
===========

- CVE-2021-43798 (directory traversal)

Grafana 8 before version 8.3.1 is vulnerable to directory traversal,
allowing access to local files. The vulnerable URL path is
<grafana_host_url>/public/plugins/<"plugin-id">, where <"plugin-id"> is the
plugin ID for any installed plugin.

- CVE-2021-43813 (directory traversal)

A security issue has been found in Grafana before version 8.3.2 through
which authenticated users could read out fully lowercase or fully uppercase
.md files through directory traversal. The vulnerable URL path is:
/api/plugins/.*/markdown/.* for .md files.

- CVE-2021-43815 (directory traversal)

A security issue has been found in Grafana 8 before version 8.3.2 through
which authenticated users could read out arbitrary .csv files through
directory traversal. The vulnerable URL path is: /api/ds/query.

Impact
======

A remote attacker could access arbitrary local files on the server through
directory traversal.

References
==========

https://github.com/grafana/grafana/security/advisories/GHSA-8pjx-jj86-j47p
https://grafana.com/blog/2021/12/07/grafana-8.3.1-8.2.7-8.1.8-and-8.0.7-rele...
https://grafana.com/blog/2021/12/08/an-update-on-0day-cve-2021-43798-grafana...
https://j0vsec.com/post/cve-2021-43798/
https://github.com/grafana/grafana/commit/00e38ba555cfb120361c9623de3285d70c...
https://github.com/grafana/grafana/security/advisories/GHSA-c3q8-26ph-9g2q
https://grafana.com/blog/2021/12/10/grafana-8.3.2-and-7.5.12-released-with-m...
https://github.com/grafana/grafana/commit/06706efbbe59ad9d3075835cc31e2f734e...
https://github.com/grafana/grafana/security/advisories/GHSA-7533-c8qv-jm9m
https://github.com/grafana/grafana/commit/1d7105c0959df2083814237024f7ec098a...
https://security.archlinux.org/CVE-2021-43798
https://security.archlinux.org/CVE-2021-43813
https://security.archlinux.org/CVE-2021-43815
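The three issues above share one root cause: a file path is built from a client-supplied name (a plugin asset, a markdown file, a CSV file) and served without confirming that the resolved path still lies inside the directory it was meant to come from. The Go program below is an added example, not Grafana's code and not the upstream fix; it places the unchecked join beside a containment check so the difference is visible. The base directory, the request strings and the names `unsafeJoin`/`safeJoin` are constructed for illustration, and nothing is read from disk.

```go
package main

import (
	"errors"
	"fmt"
	"path/filepath"
	"strings"
)

// ErrTraversal is returned when a requested file resolves outside the
// directory it was supposed to be served from.
var ErrTraversal = errors.New("requested path escapes the base directory")

// unsafeJoin shows the bug pattern: the client-supplied name is appended to
// the plugin directory and the result is used as-is. filepath.Join cleans
// the path, so "../" segments are resolved, but nothing checks where the
// resolved path ended up.
func unsafeJoin(baseDir, requested string) string {
	return filepath.Join(baseDir, requested)
}

// safeJoin resolves requested against baseDir and refuses any result that is
// not baseDir itself or a descendant of it. The check runs on the cleaned,
// absolute result rather than on the raw string, so a harmless
// "img/../module.js" is still accepted. The trailing separator in the prefix
// check matters: without it, "/srv/plugins/foo-evil" would pass as a child
// of "/srv/plugins/foo".
func safeJoin(baseDir, requested string) (string, error) {
	absBase, err := filepath.Abs(baseDir)
	if err != nil {
		return "", err
	}
	full := filepath.Join(absBase, requested)
	if full != absBase && !strings.HasPrefix(full, absBase+string(filepath.Separator)) {
		return "", ErrTraversal
	}
	return full, nil
}

func main() {
	// Constructed plugin directory (hypothetical path, not a Grafana default).
	base := "/srv/grafana/plugins/example-plugin"
	for _, req := range []string{
		"module.js",
		"img/../module.js",
		"../../../../etc/passwd",
		"../example-plugin-evil/module.js",
	} {
		fmt.Printf("request %-36q unchecked -> %s\n", req, unsafeJoin(base, req))
		if p, err := safeJoin(base, req); err != nil {
			fmt.Printf("request %-36q checked   -> rejected (%v)\n", req, err)
		} else {
			fmt.Printf("request %-36q checked   -> %s\n", req, p)
		}
	}
}
```

In a real handler the check belongs at the point where the path is actually handed to the file open, applied to the value after URL decoding and after any routing-layer rewriting, since a check on the raw request string can be bypassed by encodings or normalisation that happen later. A defender auditing a file-serving endpoint should look for exactly this gap: a join (or string concatenation) followed by an open or a `ServeFile`, with no containment test in between.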
Participants (1): Jonas Witschel