{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2025-6197", "assignerOrgId": "57da9224-a3e2-4646-9d0e-c4dc2e05e7da", "state": "PUBLISHED", "assignerShortName": "GRAFANA", "dateReserved": "2025-06-17T07:22:18.547Z", "datePublished": "2025-07-18T07:48:22.523Z", "dateUpdated": "2025-07-18T13:46:01.307Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "Grafana", "vendor": "Grafana", "versions": [{"lessThan": "12.0.2+security-01", "status": "affected", "version": "12.0.x", "versionType": "semver"}, {"lessThan": "11.6.3+security-01", "status": "affected", "version": "11.6.x", "versionType": "semver"}, {"lessThan": "11.5.6+security-01", "status": "affected", "version": "11.5.x", "versionType": "semver"}, {"lessThan": "11.4.6+security-01", "status": "affected", "version": "11.4.x", "versionType": "semver"}, {"lessThan": "11.3.8+security-01", "status": "affected", "version": "11.3.x", "versionType": "semver"}]}], "credits": [{"lang": "en", "type": "finder", "value": "Dat Phung"}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<p>An open redirect vulnerability has been identified in Grafana OSS organization switching functionality.<br></p><p>Prerequisites for exploitation:</p><p>- Multiple organizations must exist in the Grafana instance</p><p>- Victim must be on a different organization than the one specified in the URL</p><p><br></p>"}], "value": "An open redirect vulnerability has been identified in Grafana OSS organization switching functionality.\n\n\nPrerequisites for exploitation:\n\n- Multiple organizations must exist in the Grafana instance\n\n- Victim must be on a different organization than the one specified in the URL"}], "impacts": [{"capecId": "CAPEC-194", "descriptions": [{"lang": "en", "value": "CAPEC-194"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.2, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-601", "description": "CWE-601", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "57da9224-a3e2-4646-9d0e-c4dc2e05e7da", "shortName": "GRAFANA", "dateUpdated": "2025-07-18T07:49:16.382Z"}, "references": [{"name": "Vulnerable code location", "tags": ["vendor-advisory"], "url": "https://grafana.com/security/security-advisories/cve-2025-6197/"}, {"tags": ["mitigation", "release-notes"], "url": "https://grafana.com/blog/2025/07/17/grafana-security-release-medium-and-high-severity-fixes-for-cve-2025-6197-and-cve-2025-6023/"}], "source": {"discovery": "UNKNOWN"}, "x_generator": {"engine": "Vulnogram 0.2.0"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-07-18T13:45:54.505880Z", "id": "CVE-2025-6197", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-07-18T13:46:01.307Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-6197", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-07-18T13:45:54.505880Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-07-18T13:45:58.520Z"}}], "cna": {"source": {"discovery": "UNKNOWN"}, "credits": [{"lang": "en", "type": "finder", "value": "Dat Phung"}], "impacts": [{"capecId": "CAPEC-194", "descriptions": [{"lang": "en", "value": "CAPEC-194"}]}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.2, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "HIGH", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Grafana", "product": "Grafana", "versions": [{"status": "affected", "version": "12.0.x", "lessThan": "12.0.2+security-01", "versionType": "semver"}, {"status": "affected", "version": "11.6.x", "lessThan": "11.6.3+security-01", "versionType": "semver"}, {"status": "affected", "version": "11.5.x", "lessThan": "11.5.6+security-01", "versionType": "semver"}, {"status": "affected", "version": "11.4.x", "lessThan": "11.4.6+security-01", "versionType": "semver"}, {"status": "affected", "version": "11.3.x", "lessThan": "11.3.8+security-01", "versionType": "semver"}], "defaultStatus": "unaffected"}], "references": [{"url": "https://grafana.com/security/security-advisories/cve-2025-6197/", "name": "Vulnerable code location", "tags": ["vendor-advisory"]}, {"url": "https://grafana.com/blog/2025/07/17/grafana-security-release-medium-and-high-severity-fixes-for-cve-2025-6197-and-cve-2025-6023/", "tags": ["mitigation", "release-notes"]}], "x_generator": {"engine": "Vulnogram 0.2.0"}, "descriptions": [{"lang": "en", "value": "An open redirect vulnerability has been identified in Grafana OSS organization switching functionality.\n\n\nPrerequisites for exploitation:\n\n- Multiple organizations must exist in the Grafana instance\n\n- Victim must be on a different organization than the one specified in the URL", "supportingMedia": [{"type": "text/html", "value": "<p>An open redirect vulnerability has been identified in Grafana OSS organization switching functionality.<br></p><p>Prerequisites for exploitation:</p><p>- Multiple organizations must exist in the Grafana instance</p><p>- Victim must be on a different organization than the one specified in the URL</p><p><br></p>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-601", "description": "CWE-601"}]}], "providerMetadata": {"orgId": "57da9224-a3e2-4646-9d0e-c4dc2e05e7da", "shortName": "GRAFANA", "dateUpdated": "2025-07-18T07:49:16.382Z"}}}, "cveMetadata": {"cveId": "CVE-2025-6197", "state": "PUBLISHED", "dateUpdated": "2025-07-18T13:46:01.307Z", "dateReserved": "2025-06-17T07:22:18.547Z", "assignerOrgId": "57da9224-a3e2-4646-9d0e-c4dc2e05e7da", "datePublished": "2025-07-18T07:48:22.523Z", "assignerShortName": "GRAFANA"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "An open redirect vulnerability has been identified in Grafana OSS organization switching functionality.\n\n\nPrerequisites for exploitation:\n\n- Multiple organizations must exist in the Grafana instance\n\n- Victim must be on a different organization than the one specified in the URL"}, {"lang": "es", "value": "Se ha identificado una vulnerabilidad de redirecci\u00f3n abierta en la funcionalidad de cambio de organizaci\u00f3n de Grafana OSS. Requisitos para su explotaci\u00f3n: - Deben existir varias organizaciones en la instancia de Grafana. - La v\u00edctima debe pertenecer a una organizaci\u00f3n diferente a la especificada en la URL."}], "id": "CVE-2025-6197", "lastModified": "2026-04-15T00:35:42.020", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.2, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 1.6, "impactScore": 2.5, "source": "security@grafana.com", "type": "Secondary"}]}, "published": "2025-07-18T08:15:28.187", "references": [{"source": "security@grafana.com", "url": "https://grafana.com/blog/2025/07/17/grafana-security-release-medium-and-high-severity-fixes-for-cve-2025-6197-and-cve-2025-6023/"}, {"source": "security@grafana.com", "url": "https://grafana.com/security/security-advisories/cve-2025-6197/"}], "sourceIdentifier": "security@grafana.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-601"}], "source": "security@grafana.com", "type": "Secondary"}]}

{"bugzilla": {"description": "grafana: Open Redirect in Grafana", "id": "2381569", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2381569"}, "csaw": false, "cvss3": {"cvss3_base_score": "4.3", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "status": "draft"}, "cwe": "CWE-601", "details": ["An open redirect vulnerability has been identified in Grafana OSS organization switching functionality.\nPrerequisites for exploitation:\n- Multiple organizations must exist in the Grafana instance\n- Victim must be on a different organization than the one specified in the URL", "A flaw was found in Grafana, where the organization switching functionality caused an open redirect vulnerability. To make this exploitable, the Grafana instance must have more than one organization, and the user being redirected must be a member of both. Furthermore, the attacker needs to know the ID of the organization that the user is currently viewing."], "mitigation": {"lang": "en:us", "value": "Currently, no mitigation is available for this vulnerability."}, "name": "CVE-2025-6197", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Fix deferred", "package_name": "grafana", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Fix deferred", "package_name": "grafana", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Fix deferred", "package_name": "grafana", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2025-07-22T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2025-6197\nhttps://nvd.nist.gov/vuln/detail/CVE-2025-6197"], "threat_severity": "Low"}

{"created": "2025-07-21T15:17:11.963237+00:00", "updated": "2025-07-21T15:17:11.963325+00:00", "vendors": ["grafana", "grafana$PRODUCT$grafana"]}