Description
OpenCTI is an open-source cyber threat intelligence platform. Before 6.3.0, general users can access information that can only be accessed by users with access privileges to admin and support information (SETTINGS_SUPPORT). This is due to inadequate access control for support information (http://<opencti_domain>/storage/get/support/UUID/UUID.zip), and that the UUID is available to general users using an attached query (logs query). This vulnerability is fixed in 6.3.0.
Mitigation
Minimal update. May introduce new vulnerabilities or breaking changes.
|
 pypi | | =1.2.1 || =1.2.11 || =1.2.12 || =1.2.13 || =1.2.14 || =1.2.15 || =1.2.2 || =1.2.4 || =1.2.9 || =2.0.0 || =2.0.1 || =2.0.2 || =2.0.3 || =2.1.10 || =2.1.11 || =2.1.12 || =2.1.13 || =2.1.3 || =2.1.4 || =2.1.5 || =2.1.6 || =2.1.7 || =2.1.8 || =2.1.9 || =3.0.0 || =3.0.1 || =3.0.2 || =3.0.3 || =3.1.0 || =3.1.1 || =3.1.2 || =3.2.0 || =3.2.1 || =3.2.2 || =3.2.3 || =3.2.4 || =3.2.5 || =3.2.6 || =3.2.7 || =3.3.0 || =3.3.1 || =3.3.2 || =3.3.3 || =4.0.0 || =4.0.1 || =4.0.2 || =4.0.3 || =4.0.4 || =4.0.5 || =4.0.6 || =4.0.7 || =4.1.0 || =4.1.1 || =4.1.2 || =4.2.1 || =4.2.2 || =4.2.3 || =4.2.4 || =4.3.0 || =4.3.1 || =4.3.2 || =4.3.3 || =4.3.4 || =4.3.5 || =4.4.0 || =4.4.1 || =4.4.2 || =4.4.3 || =4.5.0 || =4.5.1 || =4.5.2 || =4.5.3 || =4.5.4 || =4.5.5 || =5.0.0 || =5.0.1 || =5.0.2 || =5.0.3 || =5.1.0 || =5.1.1 || =5.1.2 || =5.1.3 || =5.1.4 || =5.10.0 || =5.10.1 || =5.10.2 || =5.10.3 || =5.11.0 || =5.11.1 || =5.11.10 || =5.11.11 || =5.11.12 || =5.11.13 || =5.11.14 || =5.11.2 || =5.11.3 || =5.11.4 || =5.11.5 || =5.11.6 || =5.11.7 || =5.11.8 || =5.11.9 || =5.12.0 || =5.12.1 || =5.12.10 || =5.12.11 || =5.12.12 || =5.12.13 || =5.12.14 || =5.12.15 || =5.12.16 || =5.12.17 || =5.12.18 || =5.12.19 || =5.12.2 || =5.12.20 || =5.12.21 || =5.12.22 || =5.12.23 || =5.12.24 || =5.12.25 || =5.12.26 || =5.12.27 || =5.12.28 || =5.12.29 || =5.12.3 || =5.12.30 || =5.12.31 || =5.12.32 || =5.12.33 || =5.12.4 || =5.12.5 || =5.12.6 || =5.12.7 || =5.12.8 || =5.12.9 || =5.2.0 || =5.2.1 || =5.2.2 || =5.2.3 || =5.2.4 || =5.3.0 || =5.3.1 || =5.3.10 || =5.3.11 || =5.3.12 || =5.3.13 || =5.3.14 || =5.3.15 || =5.3.16 || =5.3.17 || =5.3.2 || =5.3.3 || =5.3.4 || =5.3.5 || =5.3.6 || =5.3.7 || =5.3.8 || =5.3.9 || =5.3.post5310 || =5.3.post5311 || =5.3.post5312 || =5.3.post5314 || =5.3.post5315 || =5.3.post5316 || =5.3.post5317 || =5.3.post5318 || =5.4.0 || =5.4.1 || =5.5.0 || =5.5.1 || =5.5.2 || =5.5.3 || =5.5.4 || =5.5.5 || =5.5.6 || =5.5.post551 || =5.5.post552 || =5.5.post553 || =5.5.post554 || =5.5.post555 || =5.5.post556 || =5.6.0 || =5.6.1 || =5.6.2 || =5.6.post560 || =5.6.post561 || =5.6.post562 || =5.7.0 || =5.7.1 || =5.7.2 || =5.7.3 || =5.7.4 || =5.7.5 || =5.7.6 || =5.7.post570 || =5.7.post571 || =5.7.post572 || =5.7.post573 || =5.7.post574 || =5.7.post575 || =5.7.post576 || =5.8.0 || =5.8.1 || =5.8.2 || =5.8.3 || =5.8.4 || =5.8.5 || =5.8.6 || =5.8.7 || =5.9.0 || =5.9.1 || =5.9.2 || =5.9.3 || =5.9.4 || =5.9.5 || =5.9.6 || =6.0.0 || =6.0.1 || =6.0.10 || =6.0.2 || =6.0.3 || =6.0.4 || =6.0.5 || =6.0.6 || =6.0.7 || =6.0.8 || =6.0.9 || =6.1.0 || =6.1.1 || =6.1.10 || =6.1.11 || =6.1.12 || =6.1.13 || =6.1.2 || =6.1.3 || =6.1.4 || =6.1.5 || =6.1.6 || =6.1.7 || =6.1.8 || =6.1.9 || =6.2.0 || =6.2.1 || =6.2.10 || =6.2.11 || =6.2.12 || =6.2.13 || =6.2.14 || =6.2.15 || =6.2.16 || =6.2.17 || =6.2.18 || =6.2.19 || =6.2.2 || =6.2.3 || =6.2.4 || =6.2.5 || =6.2.6 || =6.2.7 || =6.2.8 || =6.2.9 || >=0 <6.3.0 | 6.3.0 |
