Thehackernews
Critical Grafana SCIM Vulnerability Allows Privilege Escalation
First seen 21 Nov 2025, 18:21 UTC
•



+1
•85% similarity
•52.9
Share:
Export
Ask AI about this cluster
Analyzing cluster data...
Referenced clusters:
Something went wrong. Please try again.
Cluster AI
Ask questions about this threat cluster with AI-powered analysis.
Get Researcher $29.99/moArticle Content
Browse articles
Grafana Labs has issued critical patches for a severe vulnerability (CVE-2025-41115) in its SCIM provisioning feature, which could enable attackers to escalate privileges or impersonate users. The flaw affects Grafana Enterprise versions 12.0.0 through 12.2.1 when specific configurations are enabled. Organizations are urged to update immediately to mitigate risks associated with this critical vulnerability.
ThreatCluster AI