Unrated severityNVD Advisory· Published Jun 5, 2024· Updated Aug 1, 2024

CVE-2024-5526

Description

Grafana OnCall is an easy-to-use on-call management tool that will help reduce toil in on-call management through simpler workflows and interfaces that are tailored specifically for engineers.

Grafana OnCall, from version 1.1.37 before 1.5.2 are vulnerable to a Server Side Request Forgery (SSRF) vulnerability in the webhook functionallity.

This issue was fixed in version 1.5.2

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

Grafana/OnCallllm-create2 versions
>=1.1.37, <1.5.2+ 1 more
- (no CPE)range: >=1.1.37, <1.5.2
- (no CPE)range: 1.1.37

Patches

Vulnerability mechanics

References

grafana.com/security/security-advisories/cve-2024-5526/mitre

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000