CVE-2024-26139
CVSS V2 None
CVSS V3 None
Description
OpenCTI is an open source platform allowing organizations to manage their cyber threat intelligence knowledge and observables. Due to lack of certain security controls on the profile edit functionality, an authenticated attacker with low privileges can gain administrative privileges on the web application.
Overview
- CVE ID
- CVE-2024-26139
- Assigner
- GitHub_M
- Vulnerability Status
- PUBLISHED
- Published Version
- 2024-05-23T11:47:44.488Z
- Last Modified Date
- 2024-06-04T17:48:57.357Z
Weakness Enumerations
References
| Reference URL | Reference Tags |
|---|---|
| https://github.com/OpenCTI-Platform/opencti/security/advisories/GHSA-qx4j-f4f2-vjw9 | x_refsource_CONFIRM |
Sources
| Source Name | Source URL |
|---|---|
| NIST | https://nvd.nist.gov/vuln/detail/CVE-2024-26139 |
| MITRE | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26139 |
History
| Created | Old Value | New Value | Data Type | Notes |
|---|---|---|---|---|
| 2024-06-26 01:01:48 | Added to TrackCVE |