MISP before 2.4.115 allows privilege escalation in certain situations. After updating to 2.4.115, escalation attempts are blocked by the __checkLoggedActions function with a This could be an indication of an attempted privilege escalation on older vulnerable versions of MISP (<2.4.115) message.
Weakness
The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Misp | Misp | * | 2.4.115 (excluding) |
Potential Mitigations
Related Attack Patterns
- https://cwe.mitre.org/data/definitions/122.html
- https://cwe.mitre.org/data/definitions/233.html
- https://cwe.mitre.org/data/definitions/58.html
References
- https://excellium-services.com/cert-xlm-advisory/cve-2019-16202/
- https://github.com/MISP/MISP/commit/75acd63c46506ad404764c3a3de7d4ca11d0560f
- https://github.com/MISP/MISP/compare/v2.4.114...v2.4.115
- https://excellium-services.com/cert-xlm-advisory/cve-2019-16202/
- https://github.com/MISP/MISP/commit/75acd63c46506ad404764c3a3de7d4ca11d0560f
- https://github.com/MISP/MISP/compare/v2.4.114...v2.4.115