VYPR
Unrated severityNVD Advisory· Published Apr 2, 2020· Updated Aug 4, 2024

CVE-2020-11458

CVE-2020-11458

Description

app/Model/feed.php in MISP before 2.4.124 allows administrators to choose arbitrary files that should be ingested by MISP. This does not cause a leak of the full contents of a file, but does cause a leaks of strings that match certain patterns. Among the data that can leak are passwords from database.php or GPG key passphrases from config.php.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • MISP/MISPdescription
  • Misp/Mispllm-fuzzy
    Range: <2.4.124

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.