CVE-2019-12794

Name of the Vulnerable Software and Affected Versions MISP version 2.4.108

Description An issue was discovered where organization admins could reset credentials for site admins, potentially allowing them to impersonate site admins by manually setting their password or using their API key. This issue can be abused when the host organization creates organization admins instead of site admins, and only organization admins of the same organization as the site admin can exploit this.

Recommendations For MISP version 2.4.108, consider restricting the ability of organization admins to reset site admin credentials as a temporary workaround until a patch is available. Restrict access to the API key of site admins to minimize the risk of impersonation.