Improper authorization control for web services in pycti

Description

OpenCTI: Privilege escalation via the GraphQL API is abusable by organization admins, due to an incorrect ACL on userEdit relationAdd

Summary

An organization admin can escalate their privileges by adding a user from a different organization who holds higher privileges to their own organization.
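The authorization gap described above, shown as an added illustration rather than OpenCTI's or pycti's own code: a simplified membership-change resolver in the "before" shape (the caller is only checked for being an admin of the target organization) beside a hardened version that additionally refuses cross-organization moves by non-platform admins and refuses to absorb a user whose privilege rank exceeds the caller's. The User model, the role names and ranks, and the function names are assumptions made for this example.

```python
from dataclasses import dataclass, field

# Hypothetical privilege ranking, lowest to highest (not OpenCTI's real role model).
ROLE_RANK = {"user": 1, "org_admin": 2, "platform_admin": 3}


@dataclass
class User:
    uid: str
    org: str                      # organization the user currently belongs to
    role: str                     # one of ROLE_RANK's keys
    admin_of: set = field(default_factory=set)  # organizations this user administers


def authorize_relation_add_vulnerable(caller: User, target: User, org: str) -> tuple:
    """'Before' shape: only asks whether the caller administers `org`.

    Nothing about the target user is examined, so an org admin may pull in
    any account, including one with higher platform privileges.
    """
    if org not in caller.admin_of:
        return (False, "caller does not administer this organization")
    return (True, "ok")


def authorize_relation_add_hardened(caller: User, target: User, org: str) -> tuple:
    """Hardened check: the caller's authority over `org` is necessary but not sufficient."""
    if org not in caller.admin_of:
        return (False, "caller does not administer this organization")
    # Moving a user in from a different organization is a cross-tenant change;
    # in this model only a platform admin may do that.
    if target.org != org and caller.role != "platform_admin":
        return (False, "cross-organization membership changes require platform admin")
    # A caller must never gain management rights over someone more privileged.
    if ROLE_RANK[target.role] > ROLE_RANK[caller.role]:
        return (False, "target holds higher privileges than the caller")
    return (True, "ok")


def apply_relation_add(caller: User, target: User, org: str, authorize) -> bool:
    """Resolver body: mutate membership only when the chosen policy allows it."""
    allowed, _reason = authorize(caller, target, org)
    if allowed:
        target.org = org
    return allowed


def scenario() -> dict:
    """Constructed scenario: an org admin of orgA tries to absorb a platform admin from orgB."""
    attacker = User("alice", "orgA", "org_admin", {"orgA"})
    victim_before = User("bob", "orgB", "platform_admin")
    victim_after = User("bob", "orgB", "platform_admin")
    return {
        "vulnerable": apply_relation_add(attacker, victim_before, "orgA",
                                         authorize_relation_add_vulnerable),
        "vulnerable_org": victim_before.org,
        "hardened": apply_relation_add(attacker, victim_after, "orgA",
                                       authorize_relation_add_hardened),
        "hardened_org": victim_after.org,
    }


if __name__ == "__main__":
    print(scenario())
```

In the constructed scenario the "before" policy lets the orgA admin move a platform admin into orgA, while the hardened policy leaves the membership untouched. The second check (rank comparison) matters even for same-organization changes: it is the rule that prevents an administrator from acquiring authority over a more privileged account through a membership edit.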

Impact

Full platform access, access to sensitive or proprietary information.

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem
Package
Affected version
Patched versions