QwikSec

Security Database

CVE

CWE

Training

CVE-2024-9476

Published: Nov 13, 2024

Modified: Nov 23, 2025

PUBLISHED

Description

A vulnerability in Grafana Labs Grafana OSS and Enterprise allows Privilege Escalation allows users to gain access to resources from other organizations within the same Grafana instance via the Grafana Cloud Migration Assistant.This vulnerability will only affect users who utilize the Organizations feature to isolate resources on their Grafana instance.

Vendor	Product	Versions
Grafana Labs	Grafana OSS and Enterprise	affected `11.3.0 - < 11.3.0+security-01` affected `11.2.0 - < 11.2.3+security-01`

Weaknesses (CWE)

References

https://grafana.com/security/security-advisories/cve-2024-9476/

vendor-advisory

https://grafana.com/blog/2024/11/12/grafana-security-release-medium-severity-security-fix-for-cve-2024-9476/

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.