Unrated severity · NVD Advisory · Published May 23, 2024 · Updated Aug 1, 2024
OpenCTI Authenticated Privilege Escalation
CVE-2024-26139
Description
OpenCTI is an open source platform allowing organizations to manage their cyber threat intelligence knowledge and observables. Due to lack of certain security controls on the profile edit functionality, an authenticated attacker with low privileges can gain administrative privileges on the web application.
Affected products
- Range: <= 5.12.31
Patches
No patches discovered yet.
References
- github.com/OpenCTI-Platform/opencti/security/advisories/GHSA-qx4j-f4f2-vjw9 (mitre, x_refsource_CONFIRM)