CVE-2024-9264
HIGHCVSS v3
8.8
HIGH
EPSS Score
94.0%
exploit probability
CISA KEV
No
known exploited
Exploitation
—
SSVC status
Description
The SQL Expressions experimental feature of Grafana allows for the evaluation of `duckdb` queries containing user input. These queries are insufficiently sanitized before being passed to `duckdb`, leading to a command injection and local file inclusion vulnerability. Any user with the VIEWER or higher permission is capable of executing this attack. The `duckdb` binary must be present in Grafana's $PATH for this attack to function; by default, this binary is not installed in Grafana distributions.
Technical Details
- Published
- 10/18/2024
Frequently Asked Questions
What is CVE-2024-9264?
The SQL Expressions experimental feature of Grafana allows for the evaluation of `duckdb` queries containing user input. These queries are insufficiently sanitized before being passed to `duckdb`, leading to a command injection and local file inclusion vulnerability. Any user with the VIEWER or higher permission is capable of executing this attack. The `duckdb` binary must be present in Grafana's $PATH for this attack to function; by default, this binary is not installed in Grafana distributions.
Is CVE-2024-9264 actively exploited?
Active exploitation of CVE-2024-9264 has not been confirmed. The EPSS score is 94.0%, indicating the estimated probability of exploitation in the next 30 days.
What is the CVSS score for CVE-2024-9264?
CVE-2024-9264 has a CVSS v3 base score of 8.8 (HIGH severity).
Is CVE-2024-9264 affecting your environment?
Use isMalicious to check if any of your IPs or domains are associated with this vulnerability's IOCs.