Lucene search
K

5 matches found

NVD
NVD
added 2026/06/22 2:17 p.m.8 views

CVE-2026-56447

MISP allowed an authenticated site administrator to set the Kafkardkafkaconfig setting to an arbitrary filesystem path. MISP subsequently parsed the referenced INI file and passed its options to rdkafka. A crafted attacker-controlled configuration file could use rdkafka options such as...

9.3CVSS0.00342EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/22 12:39 p.m.3 views

CVE-2026-56447

MISP allowed an authenticated site administrator to set the Kafkardkafkaconfig setting to an arbitrary filesystem path. MISP subsequently parsed the referenced INI file and passed its options to rdkafka. A crafted attacker-controlled configuration file could use rdkafka options such as...

9.3CVSS6.4AI score0.00342EPSS
Exploits0References2
CVE
CVE
added 2026/06/22 12:39 p.m.22 views

CVE-2026-56447

The CVE describes a vulnerability in MISP where an authenticated site administrator could set the Kafka_rdkafka_config to an arbitrary filesystem path. MISP parses the referenced INI and forwards its options to librdkafka; a crafted INI could utilize options like plugin.library.paths to load an a...

9.3CVSS6.4AI score0.00342EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/22 12:0 a.m.14 views

PT-2026-51311

Name of the Vulnerable Software and Affected Versions MISP affected versions not specified Description An authenticated site administrator can set the Kafka rdkafka config setting to an arbitrary filesystem path. The system parses the referenced INI file and passes its options to rdkafka. By usin...

9.3CVSS6.3AI score0.00342EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/06/22 12:0 a.m.20 views

PT-2026-51310

Name of the Vulnerable Software and Affected Versions MISP affected versions not specified Description A site administrator can configure an arbitrary filesystem path for the NDJSON error log used by JsonLogTool. Since log entries can contain attacker-controlled content, an authenticated attacker...

8.7CVSS6.4AI score0.00383EPSS
Exploits0References9
Rows per page
Query Builder