CVE-2024-45509

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2024-45509

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-45509.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2024-45509

Published

2024-09-01T22:15:14.053Z

Modified

2026-04-10T05:16:17.837662Z

Severity

6.5 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N CVSS Calculator

Summary

[none]

Details

In MISP through 2.4.196, app/Controller/BookmarksController.php does not properly restrict access to bookmarks data in the case where the user is not an org admin.

References

https://github.com/MISP/MISP/commit/3f3b9a574f349182a545636e12efa39267e9db04

Affected packages

Git / github.com/misp/misp

Affected ranges

Type

GIT

Repo

https://github.com/misp/misp

Events

Introduced

Fixed

ba7e276fd86d12da6c54511279b31858d29baf31

Fixed

3f3b9a574f349182a545636e12efa39267e9db04

Database specific

{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "fixed": "2.4.197"
        }
    ]
}

Affected versions

Other

codename/tellurium

v0.*

v0.2

v2.*

v2.3.0

v2.4.0

v2.4.1

v2.4.10

v2.4.100

v2.4.101

v2.4.102

v2.4.106

v2.4.107

v2.4.109

v2.4.11

v2.4.110

v2.4.111

v2.4.118

v2.4.120

v2.4.121

v2.4.122

v2.4.123

v2.4.125

v2.4.127

v2.4.128

v2.4.13

v2.4.130

v2.4.133

v2.4.134

v2.4.136

v2.4.137

v2.4.14

v2.4.15

v2.4.152

v2.4.153

v2.4.16

v2.4.17

v2.4.175

v2.4.18

v2.4.183

v2.4.184

v2.4.185

v2.4.186

v2.4.187

v2.4.188

v2.4.189

v2.4.190

v2.4.191

v2.4.192

v2.4.193

v2.4.194

v2.4.195

v2.4.196

v2.4.2

v2.4.20

v2.4.21

v2.4.22

v2.4.23

v2.4.24

v2.4.25

v2.4.26

v2.4.27

v2.4.3

v2.4.34

v2.4.35

v2.4.36

v2.4.37

v2.4.38

v2.4.39

v2.4.4

v2.4.43

v2.4.45

v2.4.46

v2.4.47

v2.4.48

v2.4.5

v2.4.50

v2.4.51

v2.4.52

v2.4.53

v2.4.54

v2.4.56

v2.4.57

v2.4.58

v2.4.59

v2.4.60

v2.4.61

v2.4.62

v2.4.63

v2.4.64

v2.4.65

v2.4.7

v2.4.78

v2.4.80

v2.4.82

v2.4.83

v2.4.85

v2.4.86

v2.4.87

v2.4.88

v2.4.89

v2.4.9

v2.4.91

v2.4.93

v2.4.94

v2.4.95

v2.4.96

v2.4.98

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-45509.json"