Unrated severityNVD Advisory· Published Apr 2, 2020· Updated Aug 4, 2024
CVE-2020-11458
CVE-2020-11458
Description
app/Model/feed.php in MISP before 2.4.124 allows administrators to choose arbitrary files that should be ingested by MISP. This does not cause a leak of the full contents of a file, but does cause a leaks of strings that match certain patterns. Among the data that can leak are passwords from database.php or GPG key passphrases from config.php.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- MISP/MISPdescription
Patches
Vulnerability mechanics
References
2- github.com/MISP/MISP/commit/30ff4b6451549dae7b526d4fb3a49061311ed477mitrex_refsource_MISC
- matthias.sdfeu.org/misp-poc.pymitrex_refsource_MISC
News mentions
0No linked articles in our index yet.