CVE Details for CVE: CVE-2019-19379
Summary
In app/Controller/TagsController.php in MISP 2.4.118, users can bypass intended restrictions on tagging data.
Timestamps | |
---|---|
Last major update | 24-08-2020 - 17:37 |
Published | 28-11-2019 - 17:15 |
Last modified | 24-08-2020 - 17:37 |
CWE
CVSS
Base
5.0
Impact
2.9
Exploitability
10.0
Access
Vector | Complexity | Authentication |
---|---|---|
NETWORK | LOW | NONE |
Impact
Confidentiality | Integrity | Availability |
---|---|---|
NONE | PARTIAL | NONE |
CVSS3
Base
5.3
Impact
1.4
Exploitability
3.9
Access
Attack Complexity | Attack vector | Privileges Required | Scope | User Interaction |
---|---|---|---|---|
LOW | NETWORK | NONE | UNCHANGED | NONE |
Impact
Confidentiality | Integrity | Availability |
---|---|---|
NONE | LOW | NONE |