3 matches found
CVE-2018-6926
In app/Controller/ServersController.php in MISP 2.4.87, a server setting permitted the override of a path variable on certain Red Hed Enterprise Linux and CentOS systems where rhshellfix was enabled, and consequently allowed site admins to inject arbitrary OS commands. The impact is limited by th...
CVE-2018-6926
In app/Controller/ServersController.php in MISP 2.4.87, a server setting permitted the override of a path variable on certain Red Hed Enterprise Linux and CentOS systems where rhshellfix was enabled, and consequently allowed site admins to inject arbitrary OS commands. The impact is limited by th...
CVE-2018-6926
CVE-2018-6926 affects MISP 2.4.87 in the file app/Controller/ServersController.php . A server setting allowed the override of a path variable on certain Red Hat Enterprise Linux and CentOS systems (where rh_shell_fix was enabled), enabling site admins to inject arbitrary operating system commands...