CVE-2020-29006: MISP Lacks ACL checks (Confused Deputy)
Virsec Security Research Lab Vulnerability Analysis
The Virsec Security Research Lab provides timely, relevant analysis about recent and notable security vulnerabilities.
1.1 Vulnerability Summary
MISP before 2.4.135 lacks an ACL check, related to app/Controller/GalaxyElementsController.php and app/Model/GalaxyElement.php.
Watch the video to learn more about this and other important vulnerabilities.
1.2 CVSS Score
The CVSS Base score of this vulnerability is 9.8 critical. CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1.3 Affected Version
Affected versions are: MISP before 2.4.135.
1.4 Vulnerability Attribution
This vulnerability is reported by MITRE.
1.5 Risk Impact
MISP Threat Sharing is an open-source threat intelligence platform. The project develops utilities and documentation for more effective threat intelligence, by sharing indicators of compromise. More than 6000 organization are using MISP and it is funded by EU. An attacker who can infiltrate the server effectively control the threat sharing feeds which can adversely affect all endpoints that depend on this feed for their signatures. Although a publicly disclosed vulnerability does not exist, enough information is provided in the GitHub link to design an exploit.
1.6 Virsec Security Platform (VSP) Support:
The Virsec Security Platform (VSP)- Web’s Insider-Protect capability can be used to prevent this vulnerability from being exploited. It will add another layer of protection from ACL perspective.
1.7 Reference Links:
Download the full vulnerability report to learn more about this and other important vulnerabilities.