Critical access-control vulnerabilities in the MISP core platform expose sensitive threat intelligence data to unauthorized modification or access.

This vulnerability consists of multiple broken access-control flaws within the MISP core, specifically where authorization checks are either misdirected or missing entirely on critical write paths. This likely requires an authenticated user with lower privileges to trigger the flaw.

With a CVSS score of 7.1, this vulnerability poses a severe threat to the integrity of threat intelligence platforms. Unauthorized modification of threat data can lead to false intelligence, potentially misleading security teams and compromising incident response capabilities.

Immediate Action: Apply the latest vendor security updates for the MISP core immediately to restore proper authorization logic.

Proactive Monitoring: Monitor audit logs for suspicious write operations, particularly those performed by users who should not have access to specific entities or indices.

Compensating Controls: Restrict access to the MISP interface to trusted internal networks and enforce multi-factor authentication for all user accounts.

Public Exploit Available: false

Given that MISP manages sensitive security intelligence, the integrity of the platform is paramount. Organizations must treat this access-control flaw with high urgency, ensuring that all authorization paths are correctly validated by applying the latest patches.