Security Advisory

CVE-2020-14969

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2020-06-22 11:48:44

Last updated 2024-08-04 13:00:52

Assigner mitre

State PUBLISHED

Description

app/Model/Attribute.php in MISP 2.4.127 lacks an ACL lookup on attribute correlations. This occurs when querying the attribute restsearch API, revealing metadata about a correlating but unreachable attribute.

← Browse all CVEs View on cve.org ↗