Grafana 1.3.0 Enterprise Edition

Submit a proposal Propose CVE/GCVE/GHSA reference

Approved changes feed: RSS · Atom

cpe:2.3:a:grafana:grafana:1.3.0:*:*:*:enterprise:*:*:*

part: a version: 1.3.0 update: *

VendorGrafana (7564912d-bb81-50cf-9eb9-f573ac2fa519)
ProductGrafana (6e4f3e11-70ef-54b3-88d6-f64136c9d5f2)
Edition*
Language*
Software editionenterprise
Target software*
Target hardware*
Other*
NotesImported from NVD CPE 2.0 feed

PURL mappings

PURLSourceLast updated
pkg:docker/grafana/grafana purl2cpe 2026-06-01 10:14:45.531501
pkg:github/grafana/grafana purl2cpe 2026-06-01 10:14:45.531503
pkg:rpm/fedora/grafana purl2cpe 2026-06-01 10:14:45.531504
pkg:rpm/opensuse/grafana purl2cpe 2026-06-01 10:14:45.531505

Vulnerability references

IdentifiercpeApplicabilitySubmitteddb.gcve.eu detailsRationale
CVE:CVE-2022-28660 vulnerable 2026-06-03 14:46:55.166563 Details available
The querier component in Grafana Enterprise Logs 1.1.x through 1.3.x before 1.4.0 does not require authentication when X-Scope-OrgID is used. Versions 1.2.1, 1.3.1, and 1.4.0 contain the bugfix. This affects -auth.type=enterprise in microservices mode
Published: 2022-05-20T14:32:17.000Z
Updated: 2024-08-03T05:56:16.454Z
Reference links
Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.