CVE-2023-50918

CRITICAL EPSS 51.5%
Published Dec 15, 20232y ago ยท Modified Jun 22, 20261w ago
9.8 CVSS 3.1
Critical
Find Similar
Published Dec 15, 2023 2y ago
Last Modified Jun 22, 2026 1w ago

Description

app/Controller/AuditLogsController.php in MISP before 2.4.182 mishandles ACLs for audit logs.

CVSS Details

Base Score
9.8
Exploitability
3.9
Impact
5.9
Vector string
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Attack Vector Network
Attack Complexity Low
Privileges Required None
User Interaction None
Scope Unchanged
Confidentiality High
Integrity High
Availability High

Threat Intelligence

EPSS Exploit Probability
51.5% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Affected Products 1

VendorProductVersionRange
misp-projectmisp* <2.4.182

References 2

  • github.com https://github.com/MISP/MISP/commit/92888b1376246c0f20c256aaa3c57b6f12115fa1
    Patch
  • github.com https://github.com/MISP/MISP/compare/v2.4.181...v2.4.182
    Patch

Remediation

  • github.com https://github.com/MISP/MISP/commit/92888b1376246c0f20c256aaa3c57b6f12115fa1
    Patch
  • github.com https://github.com/MISP/MISP/compare/v2.4.181...v2.4.182
    Patch