CVE-2015-5721

MISP/MISP

on github

Published

September 3, 2016

Severity

CVSS v3:

9.8 CRITICAL

CVSS v2:

7.5 HIGH

Description

Malware Information Sharing Platform (MISP) before 2.3.90 allows remote attackers to conduct PHP object injection attacks via crafted serialized data, related to TemplatesController.php and populate_event_from_template_attributes.ctp.

References

https://www.circl.lu/advisory/CVE-2015-5721/
https://github.com/MISP/MISP/commit/415d85102d5aa5f96f4f11a17c86b59bb9cc0d56
http://www.securityfocus.com/bid/92739

Configurations

CPE23	Version Start	Version End	Exact Version
cpe:2.3:a:misp-project:malware_information_sharing_platform::::::::	n/a	2.3.89 (including)	*

External Links

NVD - CVE-2015-5721