CVE-2025-3717

Published: Nov 11, 2025

Modified: Nov 12, 2025

PUBLISHED

Description

When using the Grafana Snowflake Datasource Plugin, if Oauth passthrough is enabled on the datasource, and multiple users are using the same datasource at the same time on a single Grafana instance, it could result in the wrong user identifier being used, and information for which the viewer is not authorized being returned. This issue affects Grafana Snowflake Datasource Plugin: from 1.5.0 before 1.14.1.

Vendor	Product	Versions
Grafana Labs	Grafana Snowflake Datasource Plugin	affected `1.5.0 - < 1.14.1`

Weaknesses (CWE)

CWE-653

References

https://grafana.com/security/security-advisories/cve-2025-3717/

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2025-3717

Description

Affected Products

Weaknesses (CWE)

References