UPGRADE: Grafana to 8.2.3 #5852

hacker0ni · 2021-10-12T13:18:03Z

The latest version of Grafana in Security Onion 2.3.80 is v7.5.4. This version is affected by an improper authentication access bug, which is fixed in 7.5.11+ or 8.1.6+. Could you please update this component in a new version?

CVE-2021-39226 - Grafana Improper Auth Access

jertel · 2021-10-18T13:38:22Z

Note that Security Onion does not utilize Grafana authentication, instead preferring the SOC proxy authentication fronting anonymouse Grafana access, so the referenced CVE should not have an impact to this or prior SO releases.

TOoSmOotH · 2021-11-08T15:06:29Z

Upgrading to 8.2.3 due to: GHSA-3j9m-hcv9-rpj8

dougburks changed the title ~~CVE-2021-39226 Grafana Improper Auth Access~~ UPGRADE: Grafana due to CVE-2021-39226 Grafana Improper Auth Access Oct 12, 2021

TOoSmOotH added the must label Oct 12, 2021

jertel changed the title ~~UPGRADE: Grafana due to CVE-2021-39226 Grafana Improper Auth Access~~ UPGRADE: Grafana to 8.2.1; Fixes CVE-2021-39226 Grafana Improper Auth Access Oct 18, 2021

jertel self-assigned this Oct 18, 2021

jertel changed the title ~~UPGRADE: Grafana to 8.2.1; Fixes CVE-2021-39226 Grafana Improper Auth Access~~ UPGRADE: Grafana to 8.2.1 Oct 19, 2021

TOoSmOotH changed the title ~~UPGRADE: Grafana to 8.2.1~~ UPGRADE: Grafana to 8.2.3 Nov 8, 2021

jertel closed this as completed Nov 8, 2021

github-actions bot locked as resolved and limited conversation to collaborators Mar 8, 2024

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

UPGRADE: Grafana to 8.2.3 #5852

UPGRADE: Grafana to 8.2.3 #5852

hacker0ni commented Oct 12, 2021 •

edited by jertel

jertel commented Oct 18, 2021

TOoSmOotH commented Nov 8, 2021

Navigation Menu

UPGRADE: Grafana to 8.2.3 #5852

UPGRADE: Grafana to 8.2.3 #5852

Comments

hacker0ni commented Oct 12, 2021 • edited by jertel

jertel commented Oct 18, 2021

TOoSmOotH commented Nov 8, 2021

hacker0ni commented Oct 12, 2021 •

edited by jertel