
Andrei Agape

Researcher from Telia
#16906 of 53,632
15.9 Total CVSS
Vulnerabilities · 2
Medium: 1
Critical: 1
PT-2024-5014
6.1
2024-06-27
VMware · VMware Cloud Director · CVE-2024-22272
**Name of the Vulnerable Software and Affected Versions** VMware Cloud Director (affected versions not specified) **Description** The issue is related to improper privilege management, which can lead to a Denial of Service for active sessions within an organization's scope. An authenticated tenant administrator may accidentally disable their organization. The vulnerability can be exploited remotely, potentially causing a disruption in service. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.
PT-2024-21082
9.8
2024-02-09
MISP · MISP · CVE-2024-25674
**Name of the Vulnerable Software and Affected Versions** MISP versions prior to 2.4.184 **Description** The organisation logo upload feature lacks checks for the file extension and MIME type, making it insecure. **Recommendations** For versions prior to 2.4.184, update to version 2.4.184 or later to resolve the issue. As a temporary workaround, consider restricting the organisation logo upload feature until a patch is available.