Vulnerabilities > CVE-2021-27904 - Unspecified vulnerability in Misp

047910
CVSS 2.1 - LOW
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
NONE
Availability impact
NONE
local
low complexity
misp
NVD
Published: 2021-03-02
Updated: 2021-03-08

Summary

An issue was discovered in app/Model/SharingGroupServer.php in MISP 2.4.139. In the implementation of Sharing Groups, the "all org" flag sometimes provided view access to unintended actors.

Vulnerable Configurations

Part Description Count
Application
Misp
301

References