A flaw was found in Grafana Enterprise. Users with the Editor role are allowed to bypass data source permissions for the organization's default data source. The highest threat from this vulnerability is to data confidentiality.
A flaw was found in Grafana Enterprise. Users with the Editor role are allowed to bypass data source permissions for the organization's default data source. The highest threat from this vulnerability is to data confidentiality.
Red Hat products do not ship Grafana Enterprise version, therefore are not affected by this vulnerability.
If you are using the Enterprise version of Grafana, you can mitigate this vulnerability by making sure that the default data source for every Grafana organization points to a data source without permissions set up.