OAuth Passthrough Vulnerability in Grafana Snowflake Datasource Plugin
CVE-2025-3717

2.1LOW

Key Information:

Vendor

Grafana Labs

Status
Grafana Snowflake Datasource Plugin
Vendor
CVE Published:
11 November 2025

What is CVE-2025-3717?

The Grafana Snowflake Datasource Plugin is vulnerable in scenarios where OAuth passthrough is enabled. If multiple users access the same datasource concurrently on a single Grafana instance, there is a risk of the incorrect user identifier being utilized. This flaw can lead to unauthorized access, enabling users to obtain sensitive data not intended for them. It predominantly affects versions from 1.5.0 to prior to 1.14.1, posing serious concerns for data privacy and security.

Affected Version(s)

Grafana Snowflake Datasource Plugin 1.5.0 < 1.14.1

References

https://grafana.com/security/security-advisories/cve-2025...

CVSS V4

Score:
2.1
Severity:
LOW
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Attack Required:
Physical
Privileges Required:
Undefined
User Interaction:
Unknown

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.
CVE-2025-3717 : OAuth Passthrough Vulnerability in Grafana Snowflake Datasource Plugin