CVE Details
ID CVE-2020-12889
Summary MISP MISP-maltego 1.4.4 incorrectly shares a MISP connection across users in a remote-transform use case.
References
Vulnerable Configurations
  • cpe:2.3:a:misp:misp-maltego:1.4.4:*:*:*:*:*:*:*
    cpe:2.3:a:misp:misp-maltego:1.4.4:*:*:*:*:*:*:*
CVSS
Base: 7.5 (as of 19-05-2020 - 13:38)
Impact: 6.4
Exploitability:10.0
CWE NVD-CWE-noinfo
CAPEC Click the CAPEC title to display a description
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
CVSS v3.1
Base: 9.8 (as of 19-05-2020 - 13:38)
Impact: 5.9
Exploitability:3.9
Exploitability v3.1
Attack ComplexityAttack vectorPrivileges RequiredScopeUser Interaction
LOW NETWORK NONE UNCHANGED NONE
Impact v3.1
ConfidentialityIntegrityAvailability
HIGH HIGH HIGH
cvss-vector via4 AV:N/AC:L/Au:N/C:P/I:P/A:P
cvss3-vector via4 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
refmap via4
misc https://github.com/MISP/MISP-maltego/commit/3ccde66dab4096ab5663e69f352992cc73e1160b
Last major update 19-05-2020 - 13:38
Published 15-05-2020 - 18:15
Last modified 19-05-2020 - 13:38
Back to Top