Ce mail provient de l'extérieur, restons vigilants

=====================================================================

                            CERT-Renater

                  Note d'Information No. 2025/VULN063

_____________________________________________________________________

DATE                : 03/02/2025

HARDWARE PLATFORM(S): /

OPERATING SYSTEM(S): Systems running Grafana versions prior to 11.5.0,
                    11.4.1, 11.3.3, 11.2.6, 11.1.11, 11.0.11, 10.4.15.

=====================================================================
https://grafana.com/security/security-advisories/cve-2024-11741/
_____________________________________________________________________


Grafana Alerting VictorOps integration exposed to Viewers
CVE ID: CVE-2024-11741
Date Published: January 31, 2025
Description:

Grafana is an open-source platform for monitoring and observability.
The Grafana Alerting VictorOps integration was not properly protected
and could be exposed to users with Viewer permission. Fixed in
versions 11.5.0, 11.4.1, 11.3.3, 11.2.6, 11.1.11, 11.0.11 and
10.4.15


=========================================================
+ CERT-RENATER        |    tel : 01-53-94-20-44         +
+ 23/25 Rue Daviel    |    fax : 01-53-94-20-41         +
+ 75013 Paris         |   email:cert@support.renater.fr +
=========================================================