{"api_version":"1","generated_at":"2026-04-22T02:45:30+00:00","cve":"CVE-2023-3128","urls":{"html":"https://cve.report/CVE-2023-3128","api":"https://cve.report/api/cve/CVE-2023-3128.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2023-3128","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2023-3128"},"summary":{"title":"CVE-2023-3128","description":"Grafana is validating Azure AD accounts based on the email claim. \n\nOn Azure AD, the profile email field is not unique and can be easily modified. \n\nThis leads to account takeover and authentication bypass when Azure AD OAuth is configured with a multi-tenant app.","state":"PUBLIC","assigner":"security@grafana.com","published_at":"2023-06-22 21:15:00","updated_at":"2023-07-21 19:19:00"},"problem_types":["CWE-290"],"metrics":[],"references":[{"url":"https://github.com/grafana/bugbounty/security/advisories/GHSA-gxh2-6vvc-rrgp","name":"https://github.com/grafana/bugbounty/security/advisories/GHSA-gxh2-6vvc-rrgp","refsource":"MISC","tags":[],"title":"Authentication bypass / account takeover due to bad implementation of Azure AD OAuth · Advisory · grafana/bugbounty · GitHub","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://security.netapp.com/advisory/ntap-20230714-0004/","name":"https://security.netapp.com/advisory/ntap-20230714-0004/","refsource":"MISC","tags":[],"title":"403 Forbidden","mime":"text/html","httpstatus":"403","archivestatus":"404"},{"url":"https://grafana.com/security/security-advisories/cve-2023-3128/","name":"https://grafana.com/security/security-advisories/cve-2023-3128/","refsource":"MISC","tags":[],"title":"Grafana authentication bypass using Azure AD OAuth | Grafana Labs","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://www.cve.org/CVERecord?id=CVE-2023-3128","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-3128","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2023","cve_id":"3128","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"grafana","cpe5":"grafana","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"-","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"3128","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"grafana","cpe5":"grafana","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"enterprise","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[{"cve":"CVE-2023-3128","qid":"160790","title":"Oracle Enterprise Linux Security Update for grafana (ELSA-2023-4030)"},{"cve":"CVE-2023-3128","qid":"161171","title":"Oracle Enterprise Linux Security Update for grafana security and enhancement update (ELSA-2023-6972)"},{"cve":"CVE-2023-3128","qid":"241783","title":"Red Hat Update for grafana (RHSA-2023:4030)"},{"cve":"CVE-2023-3128","qid":"242413","title":"Red Hat Update for grafana (RHSA-2023:6972)"},{"cve":"CVE-2023-3128","qid":"379637","title":"Alibaba Cloud Linux Security Update for grafana security and enhancement update (moderate) (ALINUX3-SA-2024:0038)"},{"cve":"CVE-2023-3128","qid":"691197","title":"Free Berkeley Software Distribution (FreeBSD) Security Update for grafana (fdbe9aec-118b-11ee-908a-6c3be5272acd)"},{"cve":"CVE-2023-3128","qid":"730833","title":"Grafana Authentication Bypass Vulnerability"},{"cve":"CVE-2023-3128","qid":"941170","title":"AlmaLinux Security Update for grafana (ALSA-2023:4030)"},{"cve":"CVE-2023-3128","qid":"941470","title":"AlmaLinux Security Update for grafana (ALSA-2023:6972)"},{"cve":"CVE-2023-3128","qid":"960957","title":"Rocky Linux Security Update for grafana (RLSA-2023:4030)"}]},"source_records":{"cve_program":{"data_version":"4.0","data_type":"CVE","data_format":"MITRE","CVE_data_meta":{"ID":"CVE-2023-3128","ASSIGNER":"security@grafana.com","STATE":"PUBLIC"},"description":{"description_data":[{"lang":"eng","value":"Grafana is validating Azure AD accounts based on the email claim. \n\nOn Azure AD, the profile email field is not unique and can be easily modified. \n\nThis leads to account takeover and authentication bypass when Azure AD OAuth is configured with a multi-tenant app. \n\n"}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"CWE-290","cweId":"CWE-290"}]}]},"affects":{"vendor":{"vendor_data":[{"vendor_name":"Grafana","product":{"product_data":[{"product_name":"Grafana","version":{"version_data":[{"version_affected":"<","version_name":"9.5.0","version_value":"9.5.4"},{"version_affected":"<","version_name":"9.4.0","version_value":"9.4.13"},{"version_affected":"<","version_name":"9.3.0","version_value":"9.3.16"},{"version_affected":"<","version_name":"9.2.0","version_value":"9.2.20"},{"version_affected":"<","version_name":"6.7.0","version_value":"8.5.27"}]}},{"product_name":"Grafana Enterprise","version":{"version_data":[{"version_affected":"<","version_name":"9.5.0","version_value":"9.5.4"},{"version_affected":"<","version_name":"9.4.0","version_value":"9.4.13"},{"version_affected":"<","version_name":"9.3.0","version_value":"9.3.16"},{"version_affected":"<","version_name":"9.2.0","version_value":"9.2.20"},{"version_affected":"<","version_name":"6.7.0","version_value":"8.5.27"}]}}]}}]}},"references":{"reference_data":[{"url":"https://grafana.com/security/security-advisories/cve-2023-3128/","refsource":"MISC","name":"https://grafana.com/security/security-advisories/cve-2023-3128/"},{"url":"https://github.com/grafana/bugbounty/security/advisories/GHSA-gxh2-6vvc-rrgp","refsource":"MISC","name":"https://github.com/grafana/bugbounty/security/advisories/GHSA-gxh2-6vvc-rrgp"},{"url":"https://security.netapp.com/advisory/ntap-20230714-0004/","refsource":"MISC","name":"https://security.netapp.com/advisory/ntap-20230714-0004/"}]},"generator":{"engine":"Vulnogram 0.1.0-dev"},"source":{"discovery":"UNKNOWN"},"impact":{"cvss":[{"attackComplexity":"LOW","attackVector":"NETWORK","availabilityImpact":"LOW","baseScore":9.4,"baseSeverity":"CRITICAL","confidentialityImpact":"HIGH","integrityImpact":"HIGH","privilegesRequired":"NONE","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L","version":"3.1"}]}},"nvd":{"publishedDate":"2023-06-22 21:15:00","lastModifiedDate":"2023-07-21 19:19:00","problem_types":["CWE-290"],"metrics":{"baseMetricV3":{"cvssV3":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":9.8,"baseSeverity":"CRITICAL"},"exploitabilityScore":3.9,"impactScore":5.9}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:grafana:grafana:*:*:*:*:-:*:*:*","versionStartIncluding":"9.5.0","versionEndExcluding":"9.5.4","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:grafana:grafana:*:*:*:*:-:*:*:*","versionStartIncluding":"9.4.0","versionEndExcluding":"9.4.13","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:grafana:grafana:*:*:*:*:-:*:*:*","versionStartIncluding":"9.3.0","versionEndExcluding":"9.3.16","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:grafana:grafana:*:*:*:*:-:*:*:*","versionStartIncluding":"9.2.0","versionEndExcluding":"9.2.20","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:grafana:grafana:*:*:*:*:enterprise:*:*:*","versionStartIncluding":"6.7.0","versionEndExcluding":"8.5.27","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:grafana:grafana:*:*:*:*:-:*:*:*","versionStartIncluding":"6.7.0","versionEndExcluding":"8.5.27","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:grafana:grafana:*:*:*:*:enterprise:*:*:*","versionStartIncluding":"9.5.0","versionEndExcluding":"9.5.4","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:grafana:grafana:*:*:*:*:enterprise:*:*:*","versionStartIncluding":"9.4.0","versionEndExcluding":"9.4.13","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:grafana:grafana:*:*:*:*:enterprise:*:*:*","versionStartIncluding":"9.3.0","versionEndExcluding":"9.3.16","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:grafana:grafana:*:*:*:*:enterprise:*:*:*","versionStartIncluding":"9.2.0","versionEndExcluding":"9.2.20","cpe_name":[]}]}]}},"legacy_mitre":{"record":null,"notes":[]}}}