What is CVE-2023-6152?

CVE-2023-6152 is a medium-severity vulnerability in Grafana that allows users to change their email without verification. Immediate action is required to mitigate risks associated with unauthorized email changes.

What is the severity of CVE-2023-6152?

CVE-2023-6152 has a severity rating of MEDIUM with a CVSS base score of 5.4.

CVE-2023-6152 | Medium Vulnerability in Grafana

CVE-2023-6152 is a medium-severity vulnerability affecting Grafana. This vulnerability allows a user to change their email address after signing up and verifying it without requiring further verification in the profile settings. The configuration option "verify_email_enabled" only validates the email during the initial signup process, posing a risk of unauthorized changes to user accounts.

The CVSS score for this vulnerability is 5.4, indicating its medium severity and the potential impact it may have on affected systems. Organizations utilizing Grafana should recognize the importance of addressing this issue to prevent unauthorized access and ensure the integrity of user account information.

Risk to organizations includes the possibility of account compromise through unauthorized email changes. Attackers may leverage this vulnerability to hijack user accounts, leading to data breaches, unauthorized access to sensitive information, or further exploitation of the Grafana system.

Organizations should prioritize patching immediately to mitigate the risk associated with this vulnerability and protect their systems from potential exploitation.

Vulnerability Details

The vulnerability allows users to change their email without further verification in the profile settings. The relevant CVE-2023-6152 has a CVSS score of 5.4, indicating medium severity. The affected product is Grafana, specifically versions prior to 10.4.0, as well as versions 2.5.0 and below. This vulnerability is classified under CWE-863.

Technical Analysis

The root cause of this vulnerability lies in the insufficient verification process for email changes. Users are able to modify their email addresses without additional confirmation after the initial signup. The attack vector is network-based, with low complexity and low privileges required for exploitation. No user interaction is necessary for an attacker to exploit this vulnerability.

This oversight can lead to low confidentiality, low integrity, and low availability impacts due to unauthorized account modifications and potential account takeover scenarios.

Risk & Impact Analysis

The real-world deployment risk associated with CVE-2023-6152 is significant, given that attackers may exploit this vulnerability to gain unauthorized access to user accounts. The blast radius includes all users of affected Grafana versions, making it critical for organizations to address this vulnerability promptly. The urgency for remediation is underscored by the medium CVSS score, indicating that organizations should address this vulnerability in their priority patch cycle.

Signal	Status
Known Exploit	No
Public PoC	No
Actively Exploited	No
Ransomware Use	No

Affected Versions

The following versions of Grafana are affected by this vulnerability: versions 2.5.0 and all versions from 10.0.0 to 10.3.0. Organizations should ensure that they apply the necessary patches to mitigate the risk.

Mitigation & Remediation

Organizations should ensure they are running the latest version of Grafana to mitigate the risks associated with CVE-2023-6152. Recommended actions include applying patches, ensuring that the configuration option "verify_email_enabled" is correctly set, and implementing additional verification mechanisms for email changes. For further guidance on security best practices, organizations may refer to resources such as penetration testing compliance to enhance their security posture.

Detection Guidance

To detect potential exploitation of this vulnerability, organizations should monitor logs for unauthorized email changes and analyze behavioral anomalies in user account activities. Additionally, network signatures should be established to identify unusual access patterns related to profile modifications.

AppSecure Threat Intelligence Insight

CVE-2023-6152 highlights the importance of robust verification processes in user account management. Security teams should take this as a reminder to implement comprehensive validation mechanisms, especially in configurations that handle sensitive user data. Organizations can enhance their security measures by considering penetration testing methodology and adopting proactive threat modeling practices. Regular assessments and updates to security configurations can prevent similar vulnerabilities in the future. For more insights, organizations may also explore vulnerability management programs and maintain a continuous learning approach to security best practices.

Known Exploitation Timeline

This vulnerability has not been included in the KEV catalog, indicating no known exploitation details at present.

EPSS Risk Context

The EPSS score for CVE-2023-6152 is 0.0023, placing it in the 0.46 percentile, indicating a low likelihood of exploitation. However, organizations should not underestimate the potential impact of this vulnerability.

Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.

CVE ID	Title	Severity	Vulnerability Type	Published
CVE-2025-65418	CVE-2025-65418: High Vulnerability in docuFORM Managed Print Service Client	HIGH	Path Traversal	May 11, 2026
CVE-2025-65417	CVE-2025-65417: Medium Vulnerability in docuFORM Managed Print Service Client	MEDIUM	XSS	May 11, 2026
CVE-2025-65416	CVE-2025-65416: Medium Vulnerability in docuFORM Managed Print Service Client	MEDIUM	Unrestricted File Upload	May 11, 2026
CVE-2025-65415	CVE-2025-65415: Medium Vulnerability in docuFORM Managed Print Service Client	MEDIUM	Session Fixation	May 11, 2026
CVE-2025-61314	CVE-2025-61314: High Vulnerability in GmbH Mecury Managed Print Services	HIGH	XSS	May 11, 2026

CVE-2023-6152: Medium Vulnerability in Grafana