Grafana Labs

More than 46,000 internet-facing Grafana instances remain unpatched and exposed to a client-side open redirect vulnerability that allows executing a malicious plugin and account takeover. The flaw, tracked as CVE-2025-4123, impacts multiple versions of the open-source platform used for monitoring and visualizing infrastructure and application metrics. Despite security updates released on May 21, a significant number of instances remain vulnerable, posing a risk to user sessions and account credentials.

Source: https://www.bleepingcomputer.com/news/security/over-46-000-grafana-instances-exposed-to-account-takeover-bug/

TPRM report: https://scoringcyber.rankiteo.com/company/grafana-labs

"id": "gra600061525",
"linkid": "grafana-labs",
"type": "Vulnerability",
"date": "6/2025",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"
{'affected_entities': [{'industry': 'Technology',
                        'name': 'Grafana Labs',
                        'type': 'Software Company'}],
 'attack_vector': 'Client-side open redirect',
 'date_publicly_disclosed': '2023-05-21',
 'description': 'More than 46,000 internet-facing Grafana instances remain '
                'unpatched and exposed to a client-side open redirect '
                'vulnerability that allows executing a malicious plugin and '
                'account takeover.',
 'impact': {'systems_affected': '46,506 Grafana instances'},
 'lessons_learned': 'Regularly update and patch software to mitigate '
                    'vulnerabilities.',
 'motivation': 'Account takeover, execution of malicious plugins',
 'post_incident_analysis': {'corrective_actions': 'Apply security patches, '
                                                  'increase user awareness '
                                                  'about updates',
                            'root_causes': 'Unpatched software, lack of '
                                           'awareness about the vulnerability'},
 'recommendations': 'Upgrade to the latest patched versions of Grafana.',
 'references': [{'source': 'BleepingComputer'}],
 'response': {'remediation_measures': 'Upgrade to patched versions: '
                                      '10.4.18+security-01, '
                                      '11.2.9+security-01, 11.3.6+security-01, '
                                      '11.4.4+security-01, 11.5.4+security-01, '
                                      '11.6.1+security-01, and '
                                      '12.0.0+security-01'},
 'title': 'Grafana Ghost Vulnerability (CVE-2025-4123)',
 'type': 'Vulnerability Exploitation',
 'vulnerability_exploited': 'CVE-2025-4123'}