Vulnerabilities
Projects
Vulnerability Disclosure
About Us
Contact Us
Mend.io Vulnerability Database
What is a WS vulnerability ID?
What is an MSC vulnerability ID?
We found results for “”
CVE-2025-41115
Good to know:
Date: November 21, 2025
SCIM provisioning was introduced in Grafana Enterprise and Grafana Cloud in April to improve how organizations manage users and teams in Grafana by introducing automated user lifecycle management. In Grafana versions 12.x where SCIM provisioning is enabled and configured, a vulnerability in user identity handling allows a malicious or compromised SCIM client to provision a user with a numeric externalId, which in turn could allow to override internal user IDs and lead to impersonation or privilege escalation. This vulnerability applies only if all of the following conditions are met: - "enableSCIM" feature flag set to true - "user_sync_enabled" config option in the "[auth.scim]" block set to true
Severity Score
Related Resources (9)
Severity Score
Weakness Type (CWE)
Incorrect Privilege Assignment
CWE-266Top Fix
Upgrade Version
Upgrade to version github.com/grafana/grafana - v1.9.2-0.20250310110405-e6fdb746f235;github.com/grafana/grafana - v12.0.7;github.com/grafana/grafana - v12.1.4;github.com/grafana/grafana - v12.2.2;https://github.com/grafana/grafana.git - v1.9.2-0.20250310110405-e6fdb746f235;https://github.com/grafana/grafana.git - v12.0.7;https://github.com/grafana/grafana.git - v12.1.4;https://github.com/grafana/grafana.git - v12.2.2
CVSS v3.1
| Base Score: |
|
|---|---|
| Attack Vector (AV): | NETWORK |
| Attack Complexity (AC): | LOW |
| Privileges Required (PR): | NONE |
| User Interaction (UI): | NONE |
| Scope (S): | CHANGED |
| Confidentiality (C): | HIGH |
| Integrity (I): | HIGH |
| Availability (A): | HIGH |