CVE-2020-15411

on github

Published

June 30, 2020

Severity

CVSS v3:

9.8 CRITICAL

CVSS v2:

7.5 HIGH

Description

An issue was discovered in MISP 2.4.128. app/Controller/AttributesController.php has insufficient ACL checks in the attachment downloader.

References

https://github.com/MISP/MISP/commit/d14ce7de709cdde3ecc9433e38e14c682894e88a

Configurations

CPE23	Version Start	Version End	Exact Version
cpe:2.3:a:misp:misp:2.4.128:::::::*	n/a	n/a	2.4.128

External Links

NVD - CVE-2020-15411