Primary

Context

MISP GUI Attribute Search ACL Bypass Vulnerability

Vulnerability

Patched

A vulnerability in MISP (Malware Information Sharing Platform) prior to version 2.4.198 allows for an Access Control List (ACL) to be ignored during graphical user interface (GUI) attribute searches. This oversight could potentially lead to unauthorized access or visibility of certain attributes, depending on the user's permissions.

Impact

Exploitation of this vulnerability could result in unauthorized access to attributes during GUI searches, bypassing established ACLs.

Remediation

Users can upgrade to MISP version 2.4.198 or later to address this vulnerability.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

3.1

impact

2.5

exploitability

5.9

remediation

7.7

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

3.1

impact

2.5

exploitability

5.9

remediation

7.7

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

MISP GUI Attribute Search ACL Bypass Vulnerability

Vulnerability

Impact

Remediation

Affected Products

MISP

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating