CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-37155 – OpenCTI May Bypass Introspection Restriction
https://notcve.org/view.php?id=CVE-2024-37155
OpenCTI is an open source platform allowing organizations to manage their cyber threat intelligence knowledge and observables. Prior to version 6.1.9, the regex validation used to prevent Introspection queries can be bypassed by removing the extra whitespace, carriage return, and line feed characters from the query. GraphQL Queries in OpenCTI can be validated using the `secureIntrospectionPlugin`. The regex check in the plkugin can be bypassed by removing the carriage return and line feed characters (`\r\n`). Running a curl command against a local instance of OpenCTI will result in a limited error message. • https://github.com/OpenCTI-Platform/opencti/blob/6343b82b0b0a5d3ded3b30d08ce282328a556268/opencti-platform/opencti-graphql/src/graphql/graphql.js#L83-L94 https://github.com/OpenCTI-Platform/opencti/commit/f87d96918c63b0c3d3ebfbea6c789d48e2f56ad5 https://github.com/OpenCTI-Platform/opencti/security/advisories/GHSA-4mvw-j8r9-xcgc • CWE-284: Improper Access Control •
CVSS: 8.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-26139 – OpenCTI Authenticated Privilege Escalation
https://notcve.org/view.php?id=CVE-2024-26139
OpenCTI is an open source platform allowing organizations to manage their cyber threat intelligence knowledge and observables. Due to lack of certain security controls on the profile edit functionality, an authenticated attacker with low privileges can gain administrative privileges on the web application. OpenCTI es una plataforma de código abierto que permite a las organizaciones gestionar sus conocimientos y observables de inteligencia sobre amenazas cibernéticas. Debido a la falta de ciertos controles de seguridad en la funcionalidad de edición de perfiles, un atacante autenticado con privilegios bajos puede obtener privilegios administrativos en la aplicación web. • https://github.com/OpenCTI-Platform/opencti/security/advisories/GHSA-qx4j-f4f2-vjw9 • CWE-284: Improper Access Control CWE-657: Violation of Secure Design Principles •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2022-30290
https://notcve.org/view.php?id=CVE-2022-30290
In OpenCTI through 5.2.4, a broken access control vulnerability has been identified in the profile endpoint. An attacker can abuse the identified vulnerability in order to arbitrarily change their registered e-mail address as well as their API key, even though such action is not possible through the interface, legitimately. En OpenCTI versiones hasta 5.2.4, se identificó una vulnerabilidad de control de acceso roto en el extremo del perfil. Un atacante puede abusar de la vulnerabilidad identificada para cambiar arbitrariamente su dirección de correo electrónico registrada, así como su clave API, aunque tal acción no sea posible por medio de la interfaz, legítimamente • https://github.com/OpenCTI-Platform/opencti/releases https://www.enisa.europa.eu/topics/threat-risk-management/vulnerability-disclosure •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 0CVE-2022-30289
https://notcve.org/view.php?id=CVE-2022-30289
A stored Cross-site Scripting (XSS) vulnerability was identified in the Data Import functionality of OpenCTI through 5.2.4. An attacker can abuse the vulnerability to upload a malicious file that will then be executed by a victim when they open the file location. Ha sido identificada una vulnerabilidad de tipo Cross-site Scripting (XSS) almacenada en la funcionalidad Data Import de OpenCTI versiones hasta 5.2.4. Un atacante puede abusar de la vulnerabilidad para cargar un archivo malicioso que luego será ejecutado por una víctima cuando abra la ubicación del archivo • https://github.com/OpenCTI-Platform/opencti/releases https://www.enisa.europa.eu/topics/threat-risk-management/vulnerability-disclosure • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •