Back

CVE-2024-45509

Sept. 1, 2024, 10:15 p.m.

Received
CVE has been recently published to the CVE List and has been received by the NVD.

Products

MISP

  • 2.4.196

Source

cve@mitre.org

Tags

cve@mitre.org
2024-09-01
CVE-2024-45509

CVE-2024-45509 details

Published : Sept. 1, 2024, 10:15 p.m.
Last Modified : Sept. 1, 2024, 10:15 p.m.

Description

In MISP through 2.4.196, app/Controller/BookmarksController.php does not properly restrict access to bookmarks data in the case where the user is not an org admin.

CVSS Score

1 2 3 4 5 6 7 8 9 10

Weakness

Weakness Name Description

References

URL Source
https://github.com/MISP/MISP/commit/3f3b9a574f349182a545636e12efa39267e9db04 cve@mitre.org
This website uses the NVD API, but is not approved or certified by it.