Medium severity4.2NVD Advisory· Published Jul 18, 2025· Updated Apr 15, 2026
CVE-2025-6197
CVE-2025-6197
Description
An open redirect vulnerability has been identified in Grafana OSS organization switching functionality.
Prerequisites for exploitation:
- Multiple organizations must exist in the Grafana instance
- Victim must be on a different organization than the one specified in the URL
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
47- osv-coords45 versionspkg:bitnami/grafanapkg:rpm/opensuse/dracut-saltboot&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/grafana&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/grafana&distro=openSUSE%20Tumbleweedpkg:rpm/opensuse/spacecmd&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/supportutils-plugin-susemanager-client&distro=openSUSE%20Leap%2015.6pkg:rpm/suse/dracut-saltboot&distro=SUSE%20Manager%20Client%20Tools%2015pkg:rpm/suse/dracut-saltboot&distro=SUSE%20Manager%20Client%20Tools%20for%20SLE%20Micro%205pkg:rpm/suse/dracut-saltboot&distro=SUSE%20Multi%20Linux%20Manager%20Tools%20SLE-15pkg:rpm/suse/dracut-saltboot&distro=SUSE%20Multi%20Linux%20Manager%20Tools%20SLE-Micro-5pkg:rpm/suse/golang-github-prometheus-alertmanager&distro=SUSE%20Manager%20Client%20Tools%2012pkg:rpm/suse/golang-github-prometheus-alertmanager&distro=SUSE%20Multi%20Linux%20Manager%20Tools%20SLE-12pkg:rpm/suse/golang-github-prometheus-alertmanager&distro=SUSE%20Multi%20Linux%20Manager%20Tools%20SLE-15pkg:rpm/suse/grafana&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Package%20Hub%2015%20SP6pkg:rpm/suse/grafana&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Package%20Hub%2015%20SP7pkg:rpm/suse/grafana&distro=SUSE%20Manager%20Client%20Tools%2012pkg:rpm/suse/grafana&distro=SUSE%20Manager%20Client%20Tools%2015pkg:rpm/suse/grafana&distro=SUSE%20Multi%20Linux%20Manager%20Tools%20SLE-12pkg:rpm/suse/grafana&distro=SUSE%20Multi%20Linux%20Manager%20Tools%20SLE-15pkg:rpm/suse/mgr-push&distro=SUSE%20Manager%20Client%20Tools%2012pkg:rpm/suse/mgr-push&distro=SUSE%20Manager%20Client%20Tools%2015pkg:rpm/suse/mgr-push&distro=SUSE%20Multi%20Linux%20Manager%20Tools%20SLE-12pkg:rpm/suse/mgr-push&distro=SUSE%20Multi%20Linux%20Manager%20Tools%20SLE-15pkg:rpm/suse/Multi-Linux-ManagerTools-SLE-release&distro=SUSE%20Multi%20Linux%20Manager%20Tools%20SLE-12pkg:rpm/suse/python-defusedxml&distro=SUSE%20Multi%20Linux%20Manager%20Tools%20SLE-12pkg:rpm/suse/python-defusedxml&distro=SUSE%20Multi%20Linux%20Manager%20Tools%20SLE-15pkg:rpm/suse/rhnlib&distro=SUSE%20Manager%20Client%20Tools%2012pkg:rpm/suse/rhnlib&distro=SUSE%20Manager%20Client%20Tools%2015pkg:rpm/suse/rhnlib&distro=SUSE%20Multi%20Linux%20Manager%20Tools%20SLE-12pkg:rpm/suse/rhnlib&distro=SUSE%20Multi%20Linux%20Manager%20Tools%20SLE-15pkg:rpm/suse/spacecmd&distro=SUSE%20Manager%20Client%20Tools%2012pkg:rpm/suse/spacecmd&distro=SUSE%20Manager%20Client%20Tools%2015pkg:rpm/suse/spacecmd&distro=SUSE%20Multi%20Linux%20Manager%20Tools%20SLE-12pkg:rpm/suse/spacecmd&distro=SUSE%20Multi%20Linux%20Manager%20Tools%20SLE-15pkg:rpm/suse/spacewalk-client-tools&distro=SUSE%20Multi%20Linux%20Manager%20Tools%20SLE-12pkg:rpm/suse/spacewalk-client-tools&distro=SUSE%20Multi%20Linux%20Manager%20Tools%20SLE-15pkg:rpm/suse/supportutils-plugin-susemanager-client&distro=SUSE%20Manager%20Client%20Tools%2012pkg:rpm/suse/supportutils-plugin-susemanager-client&distro=SUSE%20Manager%20Client%20Tools%2015pkg:rpm/suse/supportutils-plugin-susemanager-client&distro=SUSE%20Multi%20Linux%20Manager%20Tools%20SLE-12pkg:rpm/suse/supportutils-plugin-susemanager-client&distro=SUSE%20Multi%20Linux%20Manager%20Tools%20SLE-15pkg:rpm/suse/uyuni-tools&distro=SUSE%20Manager%20Client%20Tools%2012pkg:rpm/suse/uyuni-tools&distro=SUSE%20Manager%20Client%20Tools%2015pkg:rpm/suse/uyuni-tools&distro=SUSE%20Manager%20Client%20Tools%20for%20SLE%20Micro%205pkg:rpm/suse/uyuni-tools&distro=SUSE%20Multi%20Linux%20Manager%20Tools%20SLE-15pkg:rpm/suse/uyuni-tools&distro=SUSE%20Multi%20Linux%20Manager%20Tools%20SLE-Micro-5
>= 11.3.0, < 11.6.3+ 44 more
- (no CPE)range: >= 11.3.0, < 11.6.3
- (no CPE)range: < 1.0.0-150000.1.62.1
- (no CPE)range: < 11.5.10-150200.3.80.1
- (no CPE)range: < 11.6.3+security01-1.1
- (no CPE)range: < 5.0.14-150000.3.139.1
- (no CPE)range: < 5.0.5-150000.3.30.1
- (no CPE)range: < 1.0.0-150000.1.62.1
- (no CPE)range: < 1.0.0-150000.1.62.1
- (no CPE)range: < 1.0.0-150002.3.3.1
- (no CPE)range: < 1.0.0-150002.3.3.1
- (no CPE)range: < 0.28.1-1.34.1
- (no CPE)range: < 0.28.1-120002.4.3.2
- (no CPE)range: < 0.28.1-150002.4.3.3
- (no CPE)range: < 11.5.10-150200.3.80.1
- (no CPE)range: < 11.5.10-150200.3.80.1
- (no CPE)range: < 11.5.10-1.87.1
- (no CPE)range: < 11.5.10-150000.1.87.1
- (no CPE)range: < 11.5.7-120002.4.3.2
- (no CPE)range: < 11.5.7-150002.4.3.3
- (no CPE)range: < 5.0.3-1.30.3
- (no CPE)range: < 5.0.3-150000.1.30.1
- (no CPE)range: < 5.1.4-120002.3.3.3
- (no CPE)range: < 5.1.4-150002.3.3.3
- (no CPE)range: < 12-120002.1.3.2
- (no CPE)range: < 0.6.0-120002.1.3.1
- (no CPE)range: < 0.7.1-150002.1.3.2
- (no CPE)range: < 5.0.6-21.55.1
- (no CPE)range: < 5.0.6-150000.3.49.1
- (no CPE)range: < 5.1.3-120002.3.3.1
- (no CPE)range: < 5.1.3-150002.3.3.2
- (no CPE)range: < 5.0.14-38.162.1
- (no CPE)range: < 5.0.14-150000.3.139.1
- (no CPE)range: < 5.1.11-120002.3.3.2
- (no CPE)range: < 5.1.11-150002.3.3.2
- (no CPE)range: < 5.1.7-120002.3.3.2
- (no CPE)range: < 5.1.7-150002.3.3.3
- (no CPE)range: < 5.0.5-6.36.1
- (no CPE)range: < 5.0.5-150000.3.30.1
- (no CPE)range: < 5.1.4-120002.3.3.1
- (no CPE)range: < 5.1.4-150002.3.3.2
- (no CPE)range: < 0.1.37-1.27.1
- (no CPE)range: < 0.1.37-150000.1.27.1
- (no CPE)range: < 0.1.37-150000.1.27.1
- (no CPE)range: < 5.1.20-150002.3.3.3
- (no CPE)range: < 5.1.20-150002.3.3.3
Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.