Misp
CVE-2019-16202
MEDIUM
Severity by source
AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Lifecycle Timeline
1DescriptionNVD
MISP before 2.4.115 allows privilege escalation in certain situations. After updating to 2.4.115, escalation attempts are blocked by the __checkLoggedActions function with a "This could be an indication of an attempted privilege escalation on older vulnerable versions of MISP (<2.4.115)" message.
AnalysisAI
MISP before 2.4.115 allows privilege escalation in certain situations. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. This Improper Privilege Management vulnerability could allow attackers to escalate privileges to gain unauthorized elevated access.
Technical ContextAI
This vulnerability is classified as Improper Privilege Management (CWE-269), which allows attackers to escalate privileges to gain unauthorized elevated access. MISP before 2.4.115 allows privilege escalation in certain situations. After updating to 2.4.115, escalation attempts are blocked by the __checkLoggedActions function with a "This could be an indication of an attempted privilege escalation on older vulnerable versions of MISP (<2.4.115)" message. Affected products include: Misp-Project Misp. Version information: before 2.4.115.
RemediationAI
A vendor patch is available. Apply the latest security update as soon as possible. Apply principle of least privilege, validate privilege transitions, implement proper role separation.
An issue was discovered in MISP 2.4.9x before 2.4.99. Rated high severity (CVSS 8.8), this vulnerability is remotely exp
An issue was discovered in MISP before 2.4.158. Rated critical severity (CVSS 9.8), this vulnerability is remotely explo
app/Controller/Component/IndexFilterComponent.php in MISP before 2.4.167 mishandles ordered_url_params and additional_de
SQL injection in MISP threat intelligence platform versions prior to 2.5.37 allows remote unauthenticated attackers to m
An issue was discovered in MISP before 2.4.158. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitab
MISP 2.4.172 mishandles different certificate file extensions in server sync. Rated high severity (CVSS 7.5), this vulne
In MISP before 2.4.148, app/Lib/Export/OpendataExport.php mishandles parameter data that is used in a shell_exec call. R
An issue was discovered in app/Controller/UsersController.php in MISP 2.4.92. Rated critical severity (CVSS 9.8), this v
An issue was discovered in MISP 2.4.128. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable,
MISP before 2.4.135 lacks an ACL check, related to app/Controller/GalaxyElementsController.php and app/Model/GalaxyEleme
app/View/Elements/genericElements/IndexTable/Fields/generic_field.ctp in MISP 2.4.144 does not sanitize certain data rel
MISP 2.4.148, in certain configurations, allows SQL injection via the app/Model/Log.php $conditions['org'] value. Rated
Same weakness CWE-269 – Improper Privilege Management
View allSame technique Privilege Escalation
View allShare
External POC / Exploit Code
Leaving vuln.today