We are reliable, trustworthy, and ready for challenges! Hire Us
Contact our expert
DATE
29.09.2021
Affected Vendor
CIRCL – Computer Incident Response Center Luxembourg
Affected Product
MISP – Open Source Threat Intelligence Platform & Open Standards For Threat Information Sharing – https://www.misp-project.org/
Vulnerable version
2.4.147
Fixed version
2.4.148
CVSS
9.9 Critical CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Recommendations
Update to MISP version 2.4.148
Vulnerability details
A user can inject operating system commands when exporting data in Opendata format.
CVE
CVE-2021-41326
Credits
Dawid Czarnecki
References
Do you think the security of your data might be lacking? Let's find the best approach together. Once you contact us, we will ask you about the project you want to secure.
Your email address will not be published. Required fields are marked *
Your data will be processed in accordance with our privacy policy