Grafana Patches Critical Azure AD Authentication Bypass Vulnerability


Grafana has recently released new security updates to patch a critical vulnerability in its application. The flaw could enable threat actors to hijack Grafana accounts that use Azure Active Directory (recently renamed Microsoft Entra ID) for authentication.

Grafana is a popular analytics and visualization service that enables IT admins to monitor and analyze time-series data. It provides access to real-time dashboards with interactive charts, graphs, and notifications. Grafana helps organizations to gain insights into the performance of their systems, visualize metrics, and monitor key performance indicators.

The critical security vulnerability (tracked as CVE-2023-3128) received a CVSS v3.1 score of 9.4. Grafana mentioned that the flaw exists in the email claim-based validation of Azure AD accounts.

“Grafana validates Azure Active Directory accounts based on the email claim. On Azure AD, the profile email field is not unique across Azure AD tenants. This can enable a Grafana account takeover and authentication bypass when Azure AD OAuth is configured with a multi-tenant Azure AD OAuth application,” Grafana explained in a security advisory.

Upgrade to the latest Grafana version

Grafana confirmed that the security flaw impacts all deployments that leverage Azure AD OAuth to authenticate users. Customers are strongly advised to upgrade to Grafana 10.0.1 or later to protect their organizations against cyberattacks. The company has also collaborated with Microsoft, Amazon, and other cloud vendors to upgrade Grafana Cloud to the latest version.

Meanwhile, Grafana detailed a couple of mitigation strategies for organizations that are unable to immediately upgrade their instances. The company advises IT admins to register a single-tenant application in Azure Active Directory. This should help to block external users from making any login attempts.

Customers can also add an “allowed_groups” configuration to the Azure AD settings to restrict sign-in attempts to select users. This approach will let administrators block login attempts with an arbitrary email.
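
The failure mode from the advisory quote and the effect of an allowed_groups style gate, as an added Go sketch (not Grafana's code). The claim names tid, oid, email and groups are Azure AD ID-token claims; the account store, tenant names and group IDs are constructed for illustration.

```go
package main

import "fmt"

// Claims holds the ID-token fields this sketch needs (all values constructed).
type Claims struct {
	TenantID, ObjectID, Email string   // "tid", "oid", "email"
	Groups                    []string // "groups": group object IDs
}

// Constructed local accounts, indexed by email and by tenant/object ID.
var (
	byEmail   = map[string]string{"admin@example.com": "admin"}
	bySubject = map[string]string{"tenant-a/oid-1111": "admin"}
	allowed   = []string{"group-grafana-admins"} // hypothetical allowed_groups value
	home      = Claims{"tenant-a", "oid-1111", "admin@example.com", []string{"group-grafana-admins"}}
	foreign   = Claims{"tenant-b", "oid-9999", "admin@example.com", []string{"group-other"}}
)

// lookupByEmail is the weak pattern: the issuing tenant is never consulted.
func lookupByEmail(c Claims) string {
	return byEmail[c.Email]
}

// lookupBySubject keys on tenant plus object ID, which the issuer asserts per user.
func lookupBySubject(c Claims) string {
	return bySubject[c.TenantID+"/"+c.ObjectID]
}

// inAllowedGroups denies sign-in unless a group matches; an empty list means no restriction.
func inAllowedGroups(c Claims, allow []string) bool {
	for _, g := range c.Groups {
		for _, a := range allow {
			if g == a {
				return true
			}
		}
	}
	return len(allow) == 0
}

func main() {
	for _, c := range []Claims{home, foreign} {
		fmt.Printf("%s email=%q subject=%q groups=%v\n", c.TenantID, lookupByEmail(c), lookupBySubject(c), inAllowedGroups(c, allowed))
	}
}
```

The token from the second tenant resolves to the existing account only under the email lookup; the tenant-scoped lookup and the group gate both reject it.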