Command Injection in MISP Opendata Export Feature by ThreatConnect
CVE-2021-41326

9.8CRITICAL

Key Information:

Vendor: Misp
Status: Misp
Vendor: CVE Published:; 17 September 2021

What is CVE-2021-41326?

A command injection vulnerability exists in the MISP (Malware Information Sharing Platform) affecting versions prior to 2.4.148. The issue arises from improper handling of parameter data in the Opendata export functionality, specifically within the app/Lib/Export/OpendataExport.php file. Maliciously crafted input can be processed in an unsafe manner, allowing for the execution of arbitrary shell commands. This situation poses a significant risk to system integrity and confidentiality, necessitating prompt updates to mitigate the issue.

References

https://github.com/MISP/MISP/commit/e36f73947e741bc97320f...

https://github.com/MISP/MISP/compare/v2.4.147...v2.4.148

https://zigrin.com/advisories/misp-command-injection-vuln...

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 17, 2021
Vulnerability Reserved
Sep 17, 2021

CVE-2021-41326 Data

JSON

Misp

What is CVE-2021-41326?

References

CVSS V3.1

Timeline