vulnerability

FreeBSD: VID-6eb6a442-629a-11ed-9ca2-6c3be5272acd (CVE-2022-39306): Grafana -- Privilege escalation

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
7	(AV:N/AC:H/Au:S/C:C/I:C/A:N)	Nov 12, 2022	Nov 13, 2022	Dec 10, 2025

Severity

CVSS

(AV:N/AC:H/Au:S/C:C/I:C/A:N)

Published

Nov 12, 2022

Added

Nov 13, 2022

Modified

Dec 10, 2025

Description

Grafana Labs reports: Grafana admins can invite other members to the organization they are an admin for. When admins add members to the organization, non existing users get an email invite, existing members are added directly to the organization. When an invite link is sent, it allows users to sign up with whatever username/email address the user chooses and become a member of the organization. The CVSS score for this vulnerability is 6.4 Moderate

Solutions

freebsd-upgrade-package-grafanafreebsd-upgrade-package-grafana8freebsd-upgrade-package-grafana9

References

CVE-2022-39306
https://attackerkb.com/topics/CVE-2022-39306
CWE-20

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today