Medium severityNVD Advisory· Published Nov 13, 2024· Updated Apr 15, 2026
CVE-2024-9476
CVE-2024-9476
Description
A vulnerability in Grafana Labs Grafana OSS and Enterprise allows Privilege Escalation allows users to gain access to resources from other organizations within the same Grafana instance via the Grafana Cloud Migration Assistant.This vulnerability will only affect users who utilize the Organizations feature to isolate resources on their Grafana instance.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
21- osv-coords18 versionspkg:rpm/opensuse/grafana&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/grafana&distro=openSUSE%20Tumbleweedpkg:rpm/opensuse/prometheus-blackbox_exporter&distro=openSUSE%20Leap%2015.6pkg:rpm/suse/golang-github-prometheus-alertmanager&distro=SUSE%20Manager%20Client%20Tools%2012pkg:rpm/suse/golang-github-prometheus-node_exporter&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5-LTSSpkg:rpm/suse/golang-github-prometheus-node_exporter&distro=SUSE%20Linux%20Enterprise%20Server%20LTSS%20Extended%20Security%2012%20SP5pkg:rpm/suse/golang-github-prometheus-node_exporter&distro=SUSE%20Manager%20Client%20Tools%2012pkg:rpm/suse/golang-github-prometheus-prometheus&distro=SUSE%20Manager%20Client%20Tools%2012pkg:rpm/suse/golang-github-prometheus-prometheus&distro=SUSE%20Manager%20Client%20Tools%2015pkg:rpm/suse/grafana&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Package%20Hub%2015%20SP6pkg:rpm/suse/grafana&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Package%20Hub%2015%20SP7pkg:rpm/suse/grafana&distro=SUSE%20Manager%20Client%20Tools%2012pkg:rpm/suse/grafana&distro=SUSE%20Manager%20Client%20Tools%2015pkg:rpm/suse/prometheus-blackbox_exporter&distro=SUSE%20Manager%20Client%20Tools%2012pkg:rpm/suse/prometheus-blackbox_exporter&distro=SUSE%20Manager%20Client%20Tools%2015pkg:rpm/suse/prometheus-blackbox_exporter&distro=SUSE%20Manager%20Client%20Tools%20for%20SLE%20Micro%205pkg:rpm/suse/prometheus-blackbox_exporter&distro=SUSE%20Manager%20Proxy%20Module%204.3pkg:rpm/suse/release-notes-susemanager&distro=SUSE%20Manager%20Server%204.3
< 11.5.5-150200.3.72.2+ 17 more
- (no CPE)range: < 11.5.5-150200.3.72.2
- (no CPE)range: < 11.3.2-1.1
- (no CPE)range: < 0.26.0-150000.1.27.1
- (no CPE)range: < 0.26.0-1.31.2
- (no CPE)range: < 1.9.1-1.36.2
- (no CPE)range: < 1.9.1-1.36.2
- (no CPE)range: < 1.9.1-1.36.2
- (no CPE)range: < 2.53.4-1.60.2
- (no CPE)range: < 2.53.4-150000.3.62.2
- (no CPE)range: < 11.5.5-150200.3.72.2
- (no CPE)range: < 11.5.5-150200.3.72.2
- (no CPE)range: < 11.5.5-1.79.2
- (no CPE)range: < 11.5.5-150000.1.79.1
- (no CPE)range: < 0.26.0-1.27.1
- (no CPE)range: < 0.26.0-150000.1.27.1
- (no CPE)range: < 0.26.0-150000.1.27.1
- (no CPE)range: < 0.26.0-150000.1.27.1
- (no CPE)range: < 4.3.15.2-150400.3.133.1
Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.