According to its self-reported version, the Grafana install hosted on the remote host is earlier than 10.4.19, or 11.2.x earlier than 11.2.10, or 11.3.x earlier than 11.3.7, or 11.4.x earlier than 11.4.5, or 11.5.x earlier than 11.5.5, or 11.6.x earlier than 11.6.2, or 12.0.x earlier than 12.0.1. It is, therefore, affected by a improper access control vulnerability.

Note that the scanner has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:01985-1 advisory.

    release-notes-susemanager:

    - Update to SUSE Manager 4.3.15.2
      * SUSE Manager 4.3 will transition to LTS after June 2025
      * CVE Fixed         CVE-2023-45288, CVE-2024-11741, CVE-2024-45337, CVE-2024-45339         CVE-2024-51744, CVE-2024-9264, CVE-2024-9476, CVE-2025-22870         CVE-2025-22872, CVE-2025-2703 CVE-2025-27144, CVE-2025-3454         CVE-2025-3580, CVE-2025-4123, CVE-2024-47535

Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

  - An access control vulnerability was discovered in Grafana OSS where an Organization administrator could     permanently delete the Server administrator account. This vulnerability exists in the DELETE     /api/org/users/ endpoint. The vulnerability can be exploited when: 1. An Organization administrator exists     2. The Server administrator is either: - Not part of any organization, or - Part of the same organization     as the Organization administrator Impact: - Organization administrators can permanently delete Server     administrator accounts - If the only Server administrator is deleted, the Grafana instance becomes     unmanageable - No super-user permissions remain in the system - Affects all users, organizations, and     teams managed in the instance The vulnerability is particularly serious as it can lead to a complete loss     of administrative control over the Grafana instance. (CVE-2025-3580)

Note that Nessus relies on the presence of the package as reported by the vendor.

The version of Grafana Labs installed on the remote host is affected by an improper access control vulnerability as referenced in the CVE-2025-3580 advisory. 

  - An access control vulnerability was discovered in Grafana OSS where an Organization administrator could     permanently delete the Server administrator account. This vulnerability exists in the DELETE     /api/org/users/ endpoint. The vulnerability can be exploited when: 1. An Organization administrator     exists 2. The Server administrator is either: - Not part of any organization, or - Part of the same     organization as the Organization administrator Impact: - Organization administrators can permanently     delete Server administrator accounts - If the only Server administrator is deleted, the Grafana instance     becomes unmanageable - No super-user permissions remain in the system - Affects all users, organizations,     and teams managed in the instance The vulnerability is particularly serious as it can lead to a complete     loss of administrative control over the Grafana instance. (CVE-2025-3580)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

ID	Name	Product	Family	Published	Updated	Severity
114804	Grafana < 10.4.19 Improper Access Control	Web App Scanning	Component Vulnerability	6/4/2025	6/4/2025	medium
114809	Grafana 11.6.x < 11.6.2 Improper Access Control	Web App Scanning	Component Vulnerability	6/4/2025	6/4/2025	medium
114808	Grafana 11.5.x < 11.5.5 Improper Access Control	Web App Scanning	Component Vulnerability	6/4/2025	6/4/2025	medium
114807	Grafana 11.4.x < 11.4.5 Improper Access Control	Web App Scanning	Component Vulnerability	6/4/2025	6/4/2025	medium
114805	Grafana 11.2.x < 11.2.10 Improper Access Control	Web App Scanning	Component Vulnerability	6/4/2025	6/4/2025	medium
114806	Grafana 11.3.x < 11.3.7 Improper Access Control	Web App Scanning	Component Vulnerability	6/4/2025	6/4/2025	medium
114810	Grafana 12.0.x < 12.0.1 Improper Access Control	Web App Scanning	Component Vulnerability	6/4/2025	6/4/2025	medium
240808	SUSE SLES15 : Security update 4.3.15 for Multi-Linux Manager Server (SUSE-SU-2025:01985-1)	Nessus	SuSE Local Security Checks	6/27/2025	6/27/2025	critical
251928	Linux Distros Unpatched Vulnerability : CVE-2025-3580	Nessus	Misc.	8/19/2025	8/19/2025	medium
241355	Grafana Labs 10.4.x < 10.4.19, 11.2.x < 11.2.10, 11.3.x < 11.3.7, 11.4 < 11.4.5, 11.5 < 11.5.5, 11.6 < 11.6.2, 12.0.x < 12.0.1 Improper Access Control (CVE-2025-3580)	Nessus	Web Servers	7/4/2025	8/25/2025	medium

Detections

Analytics

Plugins Search

medium

medium

medium

medium

medium

medium

medium

critical

medium

medium