Detections
Analytics

Grafana 12.3.x < 12.3.0 Incorrect Privilege Assignment

critical Web App Scanning Plugin ID 115200

Synopsis

Grafana 12.3.x < 12.3.0 Incorrect Privilege Assignment

Description

According to its self-reported version, the Grafana install hosted on the remote host is prior to 12.0.6, or 12.1.x prior to 12.1.3, or 12.2.x prior to 12.2.1, or 12.3.x prior to 12.3.0. It is, therefore, affected by an incorrect privilege assignment vulnerability.

- In Grafana versions 12.x where SCIM provisioning is enabled and configured, a vulnerability in user identity handling allows a malicious or compromised SCIM client to provision a user with a numeric externalId, which in turn could allow to override internal user IDs and lead to impersonation or privilege escalation.

Note that the scanner has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update to Grafana version 12.3.0 or later.

See Also

https://grafana.com/security/security-advisories/cve-2025-41115/

Plugin Details

Severity: Critical

ID: 115200

Type: Version Based

Published: 4/2/2026

Updated: 4/2/2026

Scan Template: basic, full, pci, scan

Risk Information

VPR

Risk Factor: High

Score: 7.4

CVSS v2

Risk Factor: Critical

Base Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

CVSS Score Source: CVE-2025-41115

CVSS v3

Risk Factor: Critical

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVSS Score Source: CVE-2025-41115

Vulnerability Information

CPE: cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*

Exploit Available: true

Exploit Ease: Exploits are available

Vulnerability Publication Date: 11/19/2025

Reference Information

CVE: CVE-2025-41115