VYPR
Unrated severityNVD Advisory· Published Jun 22, 2020· Updated Aug 4, 2024

CVE-2020-14969

CVE-2020-14969

Description

app/Model/Attribute.php in MISP 2.4.127 lacks an ACL lookup on attribute correlations. This occurs when querying the attribute restsearch API, revealing metadata about a correlating but unreachable attribute.

Affected products

2
  • MISP/MISPdescription
  • Misp/Mispllm-fuzzy
    Range: =2.4.127

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.