Administrative Privileges Vulnerability in OpenCTI Platform
CVE-2024-26139

8.1HIGH

Key Information:

Vendor: Opencti-platform
Status: Opencti
Vendor: CVE Published:; 23 May 2024

🔔 Create Opencti-platform Vulnerability Alert

What is CVE-2024-26139?

OpenCTI, a widely used open-source platform for managing cyber threat intelligence, has a significant vulnerability related to its profile edit functionality. This flaw allows an authenticated attacker with minimal privileges to exploit the system and elevate their privileges to administrative levels. The vulnerability arises from insufficient security controls, compromising the integrity and security of the application. Organizations relying on OpenCTI should prioritize patching to mitigate potential risks associated with unauthorized access and data exposure.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

opencti <= 5.12.31

References

https://github.com/OpenCTI-Platform/opencti/security/advi...

x_refsource_CONFIRM

CVSS V3.1

Score:

8.1

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
May 23, 2024
Vulnerability Reserved
Feb 14, 2024

JSON

Opencti-platform

What is CVE-2024-26139?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.