CVE-2025-6197
Published 2025-07-18
Priority P4 · 29 · medium 4.2 · CVSS 3.1
CVSS 3.1 vector: AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N
EXPLOIT
EPSS: 3.71% (88.4th percentile)
An open redirect vulnerability has been identified in Grafana OSS organization switching functionality.
Prerequisites for exploitation:
- Multiple organizations must exist in the Grafana instance
- Victim must be on a different organization than the one specified in the URL
Affected
5 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| grafana | grafana | >= 11.3.x < 11.3.8+security-01 | 11.3.8+security-01 |
| grafana | grafana | >= 11.4.x < 11.4.6+security-01 | 11.4.6+security-01 |
| grafana | grafana | >= 11.5.x < 11.5.6+security-01 | 11.5.6+security-01 |
| grafana | grafana | >= 11.6.x < 11.6.3+security-01 | 11.6.3+security-01 |
| grafana | grafana | >= 12.0.x < 12.0.2+security-01 | 12.0.2+security-01 |
CVSS provenance
- NVD (v3.1): 4.2 MEDIUM, CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N
- OSV: 4.2 MEDIUM
- Red Hat (vendor): 4.2 MEDIUM
OSV
CVE-2025-6197: An open redirect vulnerability has been identified in Grafana OSS organization switching functionality
osv · 2025-07-18 · CVSS 4.2 · MEDIUM
GHSA
GHSA-jvcj-qc86-j594: An open redirect vulnerability has been identified in Grafana OSS organization switching functionality
ghsa_unreviewed · 2025-07-18 · MEDIUM · CWE-601
Red Hat
grafana: Open Redirect in Grafana
vendor_redhat · 2025-07-22 · CVSS 4.2 · MEDIUM · CWE-601
A flaw was found in Grafana, where the organization switching functionality caused an open redirect vulnerability. To make this exploitable, the Grafana instance must have more than one organization, and the user being redirected must be a member of both. Furthermore, the attacker needs to know the ID of the organization that the user is currently viewing.
Statement: This vulnerability is considered Low severity because its exploitation relies on very restrictive preconditions that s
No detection rules found.
Nuclei
Open Redirect via Organization Switching
nuclei · CVSS 4.2 · MEDIUM
Template:

```yaml
id: CVE-2025-6197

info:
  name: Open Redirect via Organization Switching
  author: iamnoooob,pdresearch
  severity: medium
  description: |
    An open redirect vulnerability has been identified in Grafana OSS organization switching functionality.
    Prerequisites for exploitation:
    - Multiple organizations must exist in the Grafana instance
    - Victim must be on a different organization than the one specified in the URL
  impact: |
    Authenticated attackers can redirect users to arbitrary ext
```
No writeups or analysis indexed.
Published: 2025-07-18