CVE-2026-54397

EPSS 0.23%
Veröffentlicht 12.06.2026 20:55:53
Zuletzt bearbeitet 15.06.2026 20:46:57
Quelle 5a6e4751-2f3f-4070-9419-94fb35
CVE-Watchlists
Login
Unerledigt
Login

MISP event editing allows unauthorized assignment to undisclosed sharing groups

A vulnerability in MISP’s non-REST event editing path allowed an authenticated user with event edit permissions to manipulate the submitted form data and set an event’s sharing_group_id to a sharing group they were not authorized to use. When distribution was set to sharing group distribution, the non-REST save path accepted the submitted sharing_group_id without performing the same sharing group authorization check enforced by the REST edit path.

An attacker could exploit this by tampering with the event edit request and assigning an event to an undisclosed or unauthorized sharing group. This could result in unauthorized use of restricted sharing groups, disclosure of the sharing group name in event listings, and unintended modification of the event’s distribution metadata.

The issue is fixed by validating that the selected sharing group can be used by the current user when the sharing group is changed, and by clearing sharing_group_id when the event distribution is not set to sharing group distribution.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 4

CNA 1 VulnDex Vulnerability Enrichment 1

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

Herstellermisp

≫

Produkt misp

Default Statusunaffected

Version 0

Version < 2.5.40

Status affected

VulnDex Vulnerability Enrichment

Diese Information steht angemeldeten Benutzern zur Verfügung.

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.23%	0.131

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
5a6e4751-2f3f-4070-9419-94fb35b644e8	6.1	0	0	CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:L/VI:L/VA:N/SC:H/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

CWE-863 Incorrect Authorization

The product performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check.

https://github.com/MISP/MISP/commit/609ff6c785d7dae41d22ef43dda9347d34cd2a58

https://nvd.nist.gov/vuln/detail/CVE-2026-54397

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2026-54397

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2026-54397

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2026-54397