Home
MEDIUM: 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:NDefault status
unaffected
9.4.0 (semver)
affected
11.6.14 (custom) before 11.6.14+security-04
affected
12.0.0 (semver)
affected
12.2.8 (custom) before 12.2.8+security-04
affected
12.3.0 (semver)
affected
12.3.6 (custom) before 12.3.6+security-04
affected
12.4.0 (semver)
affected
12.4.3 (custom) before 12.4.3+security-02
affected
13.0.0 (semver)
affected
13.0.1 (custom) before 13.0.1+security-01
affected
Description
Any Editor could delete any snapshot, even if they have no access to read or write them.
Product status
9.4.0 (semver)
11.6.14 (custom) before 11.6.14+security-04
12.0.0 (semver)
12.2.8 (custom) before 12.2.8+security-04
12.3.0 (semver)
12.3.6 (custom) before 12.3.6+security-04
12.4.0 (semver)
12.4.3 (custom) before 12.4.3+security-02
13.0.0 (semver)
13.0.1 (custom) before 13.0.1+security-01
References
grafana.com/security/security-advisories/cve-2026-28380