MISP Information Disclosure Vulnerability

MISP is an open source software solution. It is used to collect, store, distribute, and share network security metrics, and has features such as threat network security event analysis and malware analysis. information leakage vulnerability exists in versions of MISP prior to 2.4.164, which stems...

CVE-2022-42724

app/Controller/UsersController.php in MISP before 2.4.164 allows attackers to discover role names this is information that only the site admin should have...

MISP 信息泄露漏洞

MISP is an open source software solution. It is used to collect, store, distribute, and share network security metrics, and has features such as threat network security event analysis and malware analysis. information leakage vulnerability exists in versions of MISP prior to 2.4.164, which stems...

CVE-2022-42724

CVE-2022-42724 affects MISP up to version 2.4.164. A flaw in app/Controller/UsersController.php allows an attacker to disclose role names that should be admin‑only, resulting in information disclosure. Affected software: MISP prior to 2.4.164. Root cause: improper protection of sensitive role inf...

PT-2022-26520 · Misp · Misp

Name of the Vulnerable Software and Affected Versions: MISP versions prior to 2.4.164 Description: The issue allows attackers to discover role names, which is information that should only be accessible to the site admin. Recommendations: For versions prior to 2.4.164, update to version 2.4.164 or...