Page 5 of 41 results (0.003 seconds)
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2019-9482
https://notcve.org/view.php?id=CVE-2019-9482
01 Mar 2019 — In MISP 2.4.102, an authenticated user can view sightings that they should not be eligible for. Exploiting this requires access to the event that has received the sighting. The issue affects instances with restrictive sighting settings (event only / sighting reported only). En la versión 2.4.102 de MISP, un usuario autenticado puede ver sightings para los que no deberían ser eligibles. Su explotación requiere acceso al evento que ha recibido dicho sighting. • https://github.com/MISP/MISP/commit/c69969329d197bcdd04832b03310fa73f4eb7155 • CWE-862: Missing Authorization •