Opencti
CVE-2024-45805
MEDIUM
Severity by source
AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Lifecycle Timeline
1DescriptionNVD
OpenCTI is an open-source cyber threat intelligence platform. Before 6.3.0, general users can access information that can only be accessed by users with access privileges to admin and support information (SETTINGS_SUPPORT). This is due to inadequate access control for support information (http://<opencti_domain>/storage/get/support/UUID/UUID.zip), and that the UUID is available to general users using an attached query (logs query). This vulnerability is fixed in 6.3.0.
AnalysisAI
OpenCTI is an open-source cyber threat intelligence platform. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Technical ContextAI
This vulnerability is classified as Exposure of Sensitive Information (CWE-200), which allows attackers to access sensitive data that should not be disclosed. OpenCTI is an open-source cyber threat intelligence platform. Before 6.3.0, general users can access information that can only be accessed by users with access privileges to admin and support information (SETTINGS_SUPPORT). This is due to inadequate access control for support information (http://<opencti_domain>/storage/get/support/UUID/UUID.zip), and that the UUID is available to general users using an attached query (logs query). This vulnerability is fixed in 6.3.0. Affected products include: Citeum Opencti. Version information: Before 6.3.0.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Minimize information in error messages, implement proper access controls, encrypt sensitive data at rest and in transit.
OpenCTI 3.3.1 is vulnerable to a directory traversal attack via the static/css endpoint. An unauthenticated attacker can
Unauthenticated attackers can escalate privileges in OpenCTI 6.6.0-6.9.12 by impersonating any user account, including t
OpenCTI 3.3.1 is vulnerable to a reflected cross-site scripting (XSS) attack via the /graphql endpoint. An attacker can
OpenCTI is an open cyber threat intelligence (CTI) platform. Rated critical severity (CVSS 9.1), this vulnerability is r
OpenCTI is an open-source cyber threat intelligence platform. Rated high severity (CVSS 8.1), this vulnerability is remo
OpenCTI is an open source platform allowing organizations to manage their cyber threat intelligence knowledge and observ
In OpenCTI through 5.2.4, a broken access control vulnerability has been identified in the profile endpoint. Rated high
Privilege escalation in OpenCTI prior to 6.9.7 allows an organization admin to gain elevated platform-wide privileges by
Authorization bypass in OpenCTI prior to version 7.260326.0 lets any authenticated user holding the KNOWLEDGE_KNUPDATE p
OpenCTI is an open source platform for managing cyber threat intelligence knowledge and observables. Prior to version 6.
Elasticsearch Painless script injection via OpenCTI's GraphQL API allows any authenticated user holding the KNOWLEDGE ca
OpenCTI versions prior to 6.9.1 contain an authorization bypass vulnerability in the GraphQL mutation 'IndividualDeletio
Same weakness CWE-200 – Information Exposure
View allSame technique Information Disclosure
View allShare
External POC / Exploit Code
Leaving vuln.today