CVE-2024-26139
OpenCTI Authenticated Privilege Escalation
In short
An authenticated user with basic permissions in OpenCTI can exploit a flaw in the profile editing feature to gain admin privileges. This is dangerous because it allows attackers to take full control of the threat intelligence platform.
Technical detail
OpenCTI contains insufficient authorization controls in the profile edit functionality (CWE-284, CWE-657). An authenticated attacker with low-privilege credentials can escalate privileges to administrator level through this vector. Successful exploitation grants complete control over the platform, including threat intelligence data and user management.
Summary generated and translated by AI from the official description.
OpenCTI is an open source platform allowing organizations to manage their cyber threat intelligence knowledge and observables. Due to lack of certain security controls on the profile edit functionality, an authenticated attacker with low privileges can gain administrative privileges on the web application.
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L
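The advisory does not publish the exact OpenCTI code path, so the following is an added JavaScript illustration of the CWE-284 pattern it describes on a self-service profile-edit endpoint, not OpenCTI's own code: a handler that merges every submitted field sits beside one that validates the patch against an allowlist and refuses privilege-bearing fields. The in-memory store, field names and role names are assumptions chosen for the example.

```javascript
// Added illustration of insufficient authorization (CWE-284) on a self-service
// profile-edit endpoint. Not OpenCTI code: the store, field names and role
// names below are assumptions chosen for the example.

// Constructed sample accounts (not real users).
function makeStore() {
  return new Map([
    ['u1', { id: 'u1', name: 'alice', email: 'alice@example.test', roles: ['Default'] }],
    ['u2', { id: 'u2', name: 'bob', email: 'bob@example.test', roles: ['Administrator'] }],
  ]);
}

// Fields a user may change on their own profile. Privilege-bearing fields
// are never accepted on this endpoint; they belong to a separate admin-only
// operation with its own authorization check.
const SELF_EDITABLE = new Set(['name', 'email', 'language', 'theme']);
const PRIVILEGE_FIELDS = new Set(['roles', 'groups']);

function isAdmin(user) {
  return user.roles.includes('Administrator');
}

// Weak pattern: only the identity check is enforced, then every submitted
// field is merged. A low-privilege user can therefore write `roles` and
// end up as administrator, which is the outcome the advisory describes.
function editProfileWeak(store, callerId, targetId, patch) {
  const target = store.get(targetId);
  if (!store.has(callerId) || callerId !== targetId || !target) {
    throw new Error('forbidden');
  }
  Object.assign(target, patch); // no field-level authorization
  return target;
}

// Hardened pattern: validate the whole patch before any write, reject
// privilege fields outright, allowlist the rest, and require an admin
// caller for edits of another user's profile.
function editProfileHardened(store, callerId, targetId, patch) {
  const caller = store.get(callerId);
  const target = store.get(targetId);
  if (!caller || !target) throw new Error('forbidden');
  if (callerId !== targetId && !isAdmin(caller)) throw new Error('forbidden');
  for (const key of Object.keys(patch)) {
    if (PRIVILEGE_FIELDS.has(key)) throw new Error(`field not editable here: ${key}`);
    if (!SELF_EDITABLE.has(key)) throw new Error(`unknown field: ${key}`);
  }
  Object.assign(target, patch);
  return target;
}
```

The hardened handler rejects the whole patch before touching the record, so a request mixing a legitimate field with `roles` leaves the profile unchanged rather than partially applied.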
Affected products
OpenCTI-Platform · opencti