Unrated severityNVD Advisory· Published Jun 17, 2019· Updated Aug 4, 2024
CVE-2019-12868
CVE-2019-12868
Description
app/Model/Server.php in MISP 2.4.109 allows remote command execution by a super administrator because the PHP file_exists function is used with user-controlled entries, and phar:// URLs trigger deserialization.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- MISP/MISPdescription
Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.