Test ID:	1.3.6.1.4.1.25623.1.0.149215
Category:	Privilege escalation
Title:	Grafana 6.3.0-beta1 < 8.5.16, 9.x < 9.2.8, 9.3.0 < 9.3.2 SAML Privilege Escalation Vulnerability (GHSA-5hcf-rqj9-xh96)
Summary:	Grafana is prone to a privilege escalation vulnerability via; SAML.
Description:	Summary: Grafana is prone to a privilege escalation vulnerability via SAML. Vulnerability Insight: Grafana Enterprise is using crewjam/saml library for SAML integration. On Nov 30, 2022 an advisory and relevant fix was published in the upstream library, which described a vulnerability allowing privilege escalation when processing SAML responses containing multiple assertions. The vulnerability is possible to exploit only when a SAML document is not signed and multiple assertions are being used, where at least one assertion is signed. As a result, an attacker could intercept the SAML response and add any unsigned assertion, which would be parsed as signed by the library. Affected Software/OS: Grafana version 6.3.0-beta1 through 9.3.1. Solution: Update to version 8.5.16, 9.2.8, 9.3.2 or later. CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2022-41912 https://github.com/crewjam/saml/security/advisories/GHSA-j2jp-wvqg-wc2g http://packetstormsecurity.com/files/170356/crewjam-saml-Signature-Bypass.html https://github.com/crewjam/saml/commit/aee3fb1edeeaf1088fcb458727e0fd863d277f8b
Copyright	Copyright (C) 2023 Greenbone Networks GmbH

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.