CNNVD-202511-3022 Information
CNNVD ID
CNNVD-202511-3022
Related CVE
- CNNVD Published: 2025-11-28
Description (Chinese)
MISP是MISP开源的一套开源的软件解决方案。该产品用于收集、存储、分发、共享网络安全指标,并具有威胁网络安全事件分析和恶意软件分析等功能。 MISP 2.5.27之前版本存在安全漏洞,该漏洞源于站点管理员可能遭受路径遍历攻击。
Description (English)
MISP is an open source software solution for the MISP open source. The product is used for the collection, storage, distribution, sharing of cybersecurity indicators and has functions such as threat security incident analysis and malicious software analysis. The previous version of MISP 2.5.27 had a security loophole, which stemmed from the fact that site managers might have been subjected to routing attacks.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
MISP
Published
2025-11-28
Last Modified
2026-02-24
References
https://github.com/MISP/MISP/compare/v2.5.26…v2.5.27 https://github.com/MISP/MISP/commit/7f4a0386d38672eddc139f5735d71c3b749623ce https://access.redhat.com/security/cve/cve-2025-66386
Patch
https://github.com/MISP/MISP/releases
Share on: