CVE-2025-24977

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2025-24977

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-24977.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2025-24977

Aliases

GHSA-mf88-g2wq-p7qm

Published

2025-05-05T17:18:47Z

Modified

2025-05-23T03:14:43.822609Z

Severity

9.1 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

OpenCTI is an open cyber threat intelligence (CTI) platform. Prior to version 6.4.11 any user with the capability manage customizations can execute commands on the underlying infrastructure where OpenCTI is hosted and can access internal server side secrets by misusing the web-hooks. Since the malicious user gets a root shell inside a container this opens up the the infrastructure environment for further attacks and exposures. Version 6.4.11 fixes the issue.

References

https://github.com/OpenCTI-Platform/opencti/security/advisories/GHSA-mf88-g2wq-p7qm

Affected packages

Git / github.com/opencti-platform/opencti

Affected ranges

Type: GIT
Repo: https://github.com/opencti-platform/opencti
Events: Introduced

7d5bb142deacc08e89aadcedfe2ebcb62427dcdf

Fixed

d32d207f100e3907501e2fe8765b28563b53876f

Affected versions

6.*

6.4.10

6.4.8

6.4.9