all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Exposing a New BOLA Vulnerability in Grafana

Add to bookmarks
March 27, 2024, 2 p.m. | Ravid Mazon and Jay Chen

Unit42 unit42.paloaltonetworks.com

Unit 42 researchers discovered CVE-2024-1313, a broken object level authorization (BOLA) vulnerability in open-source data visualization platform Grafana.


The post Exposing a New BOLA Vulnerability in Grafana appeared first on Unit 42.

advanced url filtering api api attacks authorization bola broken object level authorization cloud-delivered security services cve data data visualization exposing grafana next generation firewall object platform prisma cloud researchers source data unit 42 visualization vulnerability waas

Visit resource

More from unit42.paloaltonetworks.com / Unit42

Threat Brief: Operation MidnightEclipse, Post-Exploitation Activity Related to CVE-2024-3400 2 weeks ago | unit42.paloaltonetworks.com
campaign command command injection cve +13
Muddled Libra’s Evolution to the Cloud 2 weeks, 3 days ago | unit42.paloaltonetworks.com
amp applications att aws +17
It Was Not Me! Malware-Initiated Vulnerability Scanning Is on the Rise 2 weeks, 4 days ago | unit42.paloaltonetworks.com
advanced threat prevention advanced url filtering advanced wildfire attacks +14
Threat Brief: Vulnerability in XZ Utils Data Compression Library Impacting Multiple Linux Distributions (CVE-2024-3094) 3 weeks, 6 days ago | unit42.paloaltonetworks.com
compression cortex xdr cortex xsiam cve +17
Exposing a New BOLA Vulnerability in Grafana 4 weeks, 2 days ago | unit42.paloaltonetworks.com
advanced url filtering api api attacks authorization +19
ASEAN Entities in the Spotlight: Chinese APT Group Targeting 1 month ago | unit42.paloaltonetworks.com
actions advanced persistent threat advanced url filtering apac +20
Large-Scale StrelaStealer Campaign in Early 2024 1 month ago | unit42.paloaltonetworks.com
advanced threat protection advanced wildfire campaign campaigns +16
Curious Serpens’ FalseFont Backdoor: Technical Analysis, Detection and Prevention 1 month ago | unit42.paloaltonetworks.com
advanced threat prevention advanced url filtering advanced wildfire aerospace +25
Unit 42 Collaborative Research With Ukraine’s Cyber Agency To Uncover the Smoke Loader Backdoor 1 month, 1 week ago | unit42.paloaltonetworks.com
advanced threat prevention advanced url filtering advanced wildfire agency +21

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Director, Cybersecurity - Governance, Risk and Compliance (GRC)

@ Stanley Black & Decker | New Britain CT USA - 1000 Stanley Dr
View on infosec-jobs.com

Information Security Risk Metrics Lead

@ Live Nation Entertainment | Work At Home-Connecticut
View on infosec-jobs.com

IT Product Owner - Enterprise DevSec Platform (d/f/m)

@ Airbus | Hamburg - Finkenwerder
View on infosec-jobs.com

Senior Information Security Specialist

@ Arthur Grand Technologies Inc | Arlington, VA, United States
View on infosec-jobs.com

Information Security Controls SME

@ Sword | Aberdeen, Scotland, United Kingdom
View on infosec-jobs.com
View more jobs