CVE-2025-41115 | Grafana Enterprise/Cloud prior 12.2.1 SCIM Provisioning user_sync_enabled Remote Code Execution

A vulnerability classified as very critical has been found in Grafana Enterprise and Cloud. Affected is the function user_sync_enabled of the component SCIM Provisioning. Performing manipulation results in Remote Code Execution.

This vulnerability is known as CVE-2025-41115. Access to the local network is required for this attack. No exploit is available.

It is recommended to upgrade the affected component.VulDB Recent EntriesRead More