CVE-2024-9264— Grafana 安全漏洞
新しい脆弱性情報の通知を購読するログインして購読
I. CVE-2024-9264の基本情報
脆弱性情報
脆弱性についてご質問がありますか?Shenlongの分析が参考になるかご確認ください!
Shenlongの10の質問を表示 ↗ 高度な大規模言語モデル技術を使用していますが、出力には不正確または古い情報が含まれる可能性があります。Shenlongはデータの正確性を確保するよう努めていますが、実際の状況に基づいて検証・判断してください。
脆弱性タイトル
Grafana SQL Expressions allow for remote code execution
ソース: NVD (National Vulnerability Database)
脆弱性説明
The SQL Expressions experimental feature of Grafana allows for the evaluation of `duckdb` queries containing user input. These queries are insufficiently sanitized before being passed to `duckdb`, leading to a command injection and local file inclusion vulnerability. Any user with the VIEWER or higher permission is capable of executing this attack. The `duckdb` binary must be present in Grafana's $PATH for this attack to function; by default, this binary is not installed in Grafana distributions.
ソース: NVD (National Vulnerability Database)
CVSS情報
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
ソース: NVD (National Vulnerability Database)
脆弱性タイプ
对生成代码的控制不恰当(代码注入)
ソース: NVD (National Vulnerability Database)
脆弱性タイトル
Grafana 安全漏洞
ソース: CNNVD (China National Vulnerability Database)
脆弱性説明
Grafana是Grafana开源的一套提供可视化监控界面的开源监控工具。该工具主要用于监控和分析Graphite、InfluxDB和Prometheus等。 Grafana存在安全漏洞,该漏洞源于SQL表达式实验性功能在处理用户输入的duckdb查询时,未能充分清理,导致命令注入和本地文件包含漏洞。
ソース: CNNVD (China National Vulnerability Database)
CVSS情報
N/A
ソース: CNNVD (China National Vulnerability Database)
脆弱性タイプ
N/A
ソース: CNNVD (China National Vulnerability Database)
影響を受ける製品
II. CVE-2024-9264の公開POC
| # | POC説明 | ソースリンク | Shenlongリンク |
|---|---|---|---|
| 1 | Exploit for Grafana arbitrary file-read (CVE-2024-9264) | https://github.com/nollium/CVE-2024-9264 | POC詳細 |
| 2 | File Read Proof of Concept for CVE-2024-9264 | https://github.com/z3k0sec/File-Read-CVE-2024-9264 | POC詳細 |
| 3 | Exploit for Grafana arbitrary file-read (CVE-2024-9264) | https://github.com/zgimszhd61/CVE-2024-9264 | POC詳細 |
| 4 | Grafana RCE exploit (CVE-2024-9264) | https://github.com/z3k0sec/CVE-2024-9264-RCE-Exploit | POC詳細 |
| 5 | None | https://github.com/PunitTailor55/Grafana-CVE-2024-9264 | POC詳細 |
| 6 | None | https://github.com/zgimszhd61/CVE-2024-9264-RCE | POC詳細 |
| 7 | None | https://github.com/punitdarji/Grafana-CVE-2024-9264 | POC詳細 |
| 8 | The SQL Expressions experimental feature of Grafana allows for the evaluation of `duckdb` queries containing user input. These queries are insufficiently sanitized before being passed to `duckdb`, leading to a command injection and local file inclusion vulnerability. Any user with the VIEWER or higher permission is capable of executing this attack. The `duckdb` binary must be present in Grafana's $PATH for this attack to function; by default, this binary is not installed in Grafana distributions. | https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2024/CVE-2024-9264.yaml | POC詳細 |
| 9 | None | https://github.com/Threekiii/Awesome-POC/blob/master/Web%E5%BA%94%E7%94%A8%E6%BC%8F%E6%B4%9E/Grafana%20SQL%20%E8%A1%A8%E8%BE%BE%E5%BC%8F%E8%BF%9C%E7%A8%8B%E4%BB%A3%E7%A0%81%E6%89%A7%E8%A1%8C%E6%BC%8F%E6%B4%9E%20CVE-2024-9264.md | POC詳細 |
| 10 | A go implementation for CVE-2024-9264 which effect grafana versions 11.0.x, 11.1.x, and 11.2.x. | https://github.com/Cythonic1/CVE-2024-9264 | POC詳細 |
| 11 | None | https://github.com/Exerrdev/CVE-2024-9264-Fixed | POC詳細 |
| 12 | None | https://github.com/Royall-Researchers/CVE-2024-9264 | POC詳細 |
| 13 | Grafana RCE | https://github.com/ruizii/CVE-2024-9264 | POC詳細 |
| 14 | Authenticated RCE in Grafana (v11.0) via SQL Expressions - PoC Exploit | https://github.com/rvizx/CVE-2024-9264 | POC詳細 |
| 15 | Grafana image with DuckDB binary present vulnerable to exploit CVE-2024-9264 | https://github.com/patrickpichler/grafana-CVE-2024-9264 | POC詳細 |
| 16 | Grafana SQL Expressions → DuckDB LFI (CVE-2024-9264) | https://github.com/amalpvatayam67/day05-grafana-sqlexpr-lab | POC詳細 |
| 17 | https://github.com/vulhub/vulhub/blob/master/grafana/CVE-2024-9264/README.md | POC詳細 |
AI生成POCプレミアム
公開POCは見つかりませんでした。
ログインしてAI POCを生成III. CVE-2024-9264のインテリジェンス情報
请登录查看更多情报信息。
IV. 関連脆弱性
同じ製品: Grafana
- CVE-2026-27879
Query resampling can cause unbounded memory allocations - CVE-2026-28375
Grafana Testdata datasource can issue unbounded memory alloc - CVE-2026-27876
RCE on Grafana via sqlExpressions - CVE-2026-27880
OpenFeature evaluation API reads input data with no bounds - CVE-2026-27877
Public dashboards discloses all direct mode datasources
同じベンダー: Grafana
- CVE-2026-21728
Tempo query limit results in unbounded memory allocation - CVE-2026-21726
Loki Path Traversal - CVE-2021-36156 Bypass - CVE-2025-41118
Sensitive COS `SecretKey` exposed in plaintext via configura - CVE-2026-21727
Grafana Correlations: Cross-Tenant Data Disclosure and Perma - CVE-2025-12141
Grafana Alerting Editors can edit destination of webhooks th
同じ弱点: CWE-94
- CVE-2021-47939
Evolution CMS 3.1.6 Authenticated Remote Code Execution via - CVE-2021-47938
ImpressCMS 1.4.2 Remote Code Execution via Autotasks - CVE-2021-47935
Sentry 8.2.0 Remote Code Execution via Pickle Deserializatio - CVE-2022-50944
Aero CMS 0.0.1 PHP Code Injection via posts.php - CVE-2026-8211
codelibs Fess JSP File AdminDesignAction.java update code in
V. CVE-2024-9264へのコメント
まだコメントはありません