CVE-2023-50918 — CRITICAL (9.8)

Q: What is CVE-2023-50918?

CVE-2023-50918 is a vulnerability with a CVSS score of 9.8 (CRITICAL). app/Controller/AuditLogsController.php in MISP before 2.4.182 mishandles ACLs for audit logs.

Q: How severe is CVE-2023-50918?

CVE-2023-50918 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.

Q: Is there a patch for CVE-2023-50918?

Check the references section above for vendor advisories and patch information. Affected products include: Misp Misp.

Vulnerability Description

app/Controller/AuditLogsController.php in MISP before 2.4.182 mishandles ACLs for audit logs.

CVSS Score

9.8

CRITICAL

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

HIGH

Availability

HIGH

Affected Products

Vendor	Product	Versions
Misp	Misp	< 2.4.182

References

https://github.com/MISP/MISP/commit/92888b1376246c0f20c256aaa3c57b6f12115fa1Patch
https://github.com/MISP/MISP/compare/v2.4.181...v2.4.182Patch
https://github.com/MISP/MISP/commit/92888b1376246c0f20c256aaa3c57b6f12115fa1Patch
https://github.com/MISP/MISP/compare/v2.4.181...v2.4.182Patch

FAQ

What is CVE-2023-50918?

CVE-2023-50918 is a vulnerability with a CVSS score of 9.8 (CRITICAL). app/Controller/AuditLogsController.php in MISP before 2.4.182 mishandles ACLs for audit logs.

How severe is CVE-2023-50918?

CVE-2023-50918 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.

Is there a patch for CVE-2023-50918?

Check the references section above for vendor advisories and patch information. Affected products include: Misp Misp.