Unit 42 researchers discovered CVE-2024-1313, a broken object level authorization (BOLA) vulnerability in open-source data visualization platform Grafana.

Unit42 is a cybersecurity research team known for its  analysis of cyber threats, malware, and cyber attack trends. Through research reports, threat intelligence briefings, and data analysis, Unit42 offers insights into emerging cyber threats and adversary tactics. Readers can learn about threat detection methodologies, vulnerability trends, and cyber attack attribution to enhance their cybersecurity posture and protect their organizations from advanced cyber threats.

Unit 42

A new Broken Object Level Authorization (BOLA) vulnerability has been discovered in Grafana, impacting multiple versions. This vulnerability allows low-privileged users to delete dashboard snapshots belonging to other organizations. Attackers can potentially exploit these issues to access sensitive data or compromise data integrity. Mitigations and fixes have been released.

Exposing a New BOLA Vulnerability in Grafana

BOLA: Unauthorized Users Can Delete Snapshots

Creating Snapshots in Any Organization With Weak Key and DeleteKey