Opencti · Opencti · CVE-2026-27960
**Name of the Vulnerable Software and Affected Versions**
OpenCTI versions 6.6.0 through 6.9.12
**Description**
OpenCTI is an open source platform for managing cyber threat intelligence knowledge and observables. A privilege escalation issue allows unauthenticated attackers to query the API as any existing user, including the default admin account.
**Recommendations**
Update to version 6.9.13.
As a temporary workaround, disable the default admin using the `APP__ADMIN__EXTERNALLY_MANAGED` configuration.