CVE-2025-6197

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2025-6197
An open redirect vulnerability has been identified in Grafana OSS organization switching functionality. Prerequisites for exploitation: - Multiple organizations must exist in the Grafana instance - Victim must be on a different organization than the one specified in the URL

4.2 /10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.6 / Impact : 2.5

Attack Vector NETWORK

Attack Complexity HIGH

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact LOW

Integrity Impact LOW

Availability Impact NONE

Scope UNCHANGED

References
Link Resource
https://grafana.com/blog/2025/07/17/grafana-security-release-medium-and-high-severity-fixes-for-cve-2025-6197-and-cve-2025-6023/
https://grafana.com/security/security-advisories/cve-2025-6197/
Configurations

No configuration.

History

No history.

Information

Published : 2025-07-18 08:15

Updated : 2025-07-22 13:06

NVD link : CVE-2025-6197

Mitre link : CVE-2025-6197

CVE.ORG link : CVE-2025-6197

JSON object : View

Products Affected

No product.

CWE
CWE-601

URL Redirection to Untrusted Site ('Open Redirect')