CVE-2020-14969

Published: Jun 22, 2020

Modified: Aug 4, 2024

PUBLISHED

Description

app/Model/Attribute.php in MISP 2.4.127 lacks an ACL lookup on attribute correlations. This occurs when querying the attribute restsearch API, revealing metadata about a correlating but unreachable attribute.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://github.com/MISP/MISP/commit/609bfbd450c933d21c50c9f0161d633c43413eb6

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2020-14969

Description

Affected Products

References