Grafana has issued critical security updates to fix a severe vulnerability (CVE-2025-41115) that could potentially lead to privilege escalation or user impersonation. The flaw, which has been assigned a maximum CVSS score of 10.0, was found in the System for Cross-domain Identity Management (SCIM) component that facilitates automated user provisioning and management.
First introduced in April 2025, the SCIM feature allows users to be managed centrally. According to Grafana’s Vardan Torosyan, the vulnerability occurs in versions 12.x of Grafana when the SCIM provisioning feature is enabled. A malicious or compromised SCIM client can provision a user with a numeric externalId, which might override internal user IDs. This could result in impersonation or privilege escalation, whereby a newly created user could be treated as an existing internal account, such as an admin.
For successful exploitation of the vulnerability, two conditions need to be satisfied:
- The enableSCIM feature flag must be set to true.
- The user_sync_enabled configuration option in the [auth.scim] block must also be set to true.
This vulnerability affects Grafana Enterprise versions from 12.0.0 up to 12.2.1. Patches have been released in the following versions:
- Grafana Enterprise 12.0.6+security-01
- Grafana Enterprise 12.1.3+security-01
- Grafana Enterprise 12.2.1+security-01
- Grafana Enterprise 12.3.0
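The two preconditions and the affected version range above can be turned into a quick exposure check an administrator can run against a copy of grafana.ini before scheduling the upgrade. The following script is an added example written for this article, not code from Grafana; it assumes the SCIM toggle can appear either in the comma-separated enable key of the [feature_toggles] section or as an individual enableSCIM = true key there (both are forms Grafana's feature_toggles section accepts), that the version string looks like "12.2.1+security-01", and that a core version inside 12.0.0..12.2.1 is affected unless it is exactly one of the patched builds listed above. The sample ini fragments are constructed for the demonstration.

```python
import configparser
import re
from typing import Dict, Optional, Tuple

# Constructed sample configurations (not taken from any real deployment).
VULNERABLE_INI = """
[feature_toggles]
enable = enableSCIM

[auth.scim]
user_sync_enabled = true
"""

HARDENED_INI = """
[feature_toggles]
enable = publicDashboards

[auth.scim]
user_sync_enabled = false
"""

# Patched builds named in the advisory; anything else inside the affected
# core range is treated as vulnerable.
FIXED_VERSIONS = {
    "12.0.6+security-01",
    "12.1.3+security-01",
    "12.2.1+security-01",
    "12.3.0",
}
AFFECTED_MIN = (12, 0, 0)
AFFECTED_MAX = (12, 2, 1)

VERSION_RE = re.compile(r"^(\d+)\.(\d+)\.(\d+)(?:\+(.+))?$")


def parse_ini(text: str) -> configparser.ConfigParser:
    """Parse a grafana.ini-style document, keeping key case (enableSCIM is case-sensitive)."""
    cp = configparser.ConfigParser(interpolation=None, strict=False)
    cp.optionxform = str  # do not lowercase keys
    cp.read_string(text)
    return cp


def scim_feature_enabled(cp: configparser.ConfigParser) -> bool:
    """True if the enableSCIM feature toggle is on (assumption: either ini form)."""
    if not cp.has_section("feature_toggles"):
        return False
    section = cp["feature_toggles"]
    listed = {t.strip() for t in section.get("enable", "").split(",") if t.strip()}
    if "enableSCIM" in listed:
        return True
    return section.getboolean("enableSCIM", fallback=False)


def user_sync_enabled(cp: configparser.ConfigParser) -> bool:
    """True if user_sync_enabled = true in the [auth.scim] block."""
    if not cp.has_section("auth.scim"):
        return False
    return cp["auth.scim"].getboolean("user_sync_enabled", fallback=False)


def parse_version(version: str) -> Tuple[Tuple[int, int, int], Optional[str]]:
    """Split '12.2.1+security-01' into ((12, 2, 1), 'security-01')."""
    m = VERSION_RE.match(version.strip())
    if not m:
        raise ValueError(f"unrecognised version string: {version!r}")
    return (int(m[1]), int(m[2]), int(m[3])), m[4]


def version_affected(version: str) -> bool:
    """Affected if the core version is in 12.0.0..12.2.1 and not a listed patched build."""
    if version.strip() in FIXED_VERSIONS:
        return False
    core, _build = parse_version(version)
    return AFFECTED_MIN <= core <= AFFECTED_MAX


def assess(ini_text: str, version: str) -> Dict[str, bool]:
    """Combine the three conditions; 'exposed' is true only when all of them hold."""
    cp = parse_ini(ini_text)
    affected = version_affected(version)
    feature = scim_feature_enabled(cp)
    sync = user_sync_enabled(cp)
    return {
        "version_affected": affected,
        "scim_feature_enabled": feature,
        "user_sync_enabled": sync,
        "exposed": affected and feature and sync,
    }


if __name__ == "__main__":
    for label, ini, ver in (
        ("vulnerable config, unpatched", VULNERABLE_INI, "12.2.1"),
        ("vulnerable config, patched build", VULNERABLE_INI, "12.2.1+security-01"),
        ("SCIM sync disabled, unpatched", HARDENED_INI, "12.2.1"),
    ):
        print(f"{label}: {assess(ini, ver)}")
```

An "exposed" result means the instance meets every condition the advisory names; the first two conditions can be removed immediately by disabling SCIM user sync in [auth.scim] until the upgrade to a patched build is applied. Versions outside 12.x are reported as not affected because the advisory only names the 12.0.0 to 12.2.1 range.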
The vulnerability was identified during internal audits and testing on November 4, 2025. Given its serious implications, users are strongly urged to apply the updates immediately to reduce potential risks.