CVE-2022-2531: 
GitLab vulnerability analysis and mitigation

An issue was discovered in GitLab Enterprise Edition (EE) affecting all versions starting from 12.5 before 15.0.5, all versions starting from 15.1 before 15.1.4, and all versions starting from 15.2 before 15.2.1. The vulnerability allowed unauthenticated users to perform queries through a path traversal vulnerability due to incorrect authentication on the Grafana API under specific conditions (GitLab Security Release, NVD).

The vulnerability stems from improper authentication validation in GitLab's Grafana integration. When the Grafana integration is configured, the /grafana/proxy endpoint becomes accessible to any user with project access, including unauthenticated users on public projects. The vulnerability allows attackers to make API calls to any datasource with proxy access using the configured Admin API token. The severity is rated as medium with a CVSS v3.1 base score of 5.3 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) (NVD).

The vulnerability allows unauthenticated access to all datasources of a victim's Grafana server. This could potentially expose Prometheus data, Elasticsearch data, and provide access to connected databases. The attack is particularly concerning as datasource IDs are simple integers starting from 1, making enumeration of Grafana instances straightforward (GitLab Issue).

The vulnerability has been patched in versions 15.0.5, 15.1.4, and 15.2.1. GitLab strongly recommends that all installations running affected versions be upgraded to the latest version immediately. The patch was released on July 28, 2022, and GitLab.com was already running the patched version at the time of disclosure (GitLab Security Release).