Yusukejustinnakajima

Name of the Vulnerable Software and Affected Versions: OpenCTI versions prior to 6.3.0 Description: The issue arises from inadequate access control for support information, allowing general users to access data meant only for users with admin and support privileges. This is facilitated by the availability of a UUID to general users through an attached query, such as a logs query, which can then be used to access sensitive information via the endpoint http://<opencti domain>/storage/get/support/UUID/UUID.zip. Recommendations: For versions prior to 6.3.0, update to version 6.3.0 to resolve the issue. As a temporary workaround, consider restricting access to the support information endpoint or limiting the availability of the UUID to prevent unauthorized access.

Name of the Vulnerable Software and Affected Versions: OpenCTI versions prior to 6.2.18 Description: The issue affects the two-factor authentication mechanism in OpenCTI, an open-source cyber threat intelligence platform. Due to the lack of a function to limit the rate of One Time Passwords (OTPs), an attacker with valid credentials or a malicious user can bypass the two-factor authentication and hijack the account. This is because the `otpLogin` mutation does not implement One Time Password rate limiting. Recommendations: For versions prior to 6.2.18, as a temporary workaround, consider disabling the `otpLogin` mutation until a patch is available. Restrict access to the two-factor authentication mechanism to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.