Main Vulnerability Database Vulnerabilities #VU128495

Improper access control in MISP - #VU128495

Published: April 30, 2026

Vulnerability identifier: #VU128495

CSH Severity: Low

CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: N/A

CWE-ID: CWE-284

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vendor: misp-project.org

Affected software:
MISP

Detailed vulnerability description

The vulnerability allows a remote user to escalate privileges to site administrator.

The vulnerability exists due to improper access control in the authentication key reset functionality when handling authentication key reset requests for site administrator accounts within the same organization. A remote user can reset authentication keys for site administrator accounts to escalate privileges to site administrator.

Exploitation requires organization administrator privileges and is limited to site administrator accounts within the same organization.

Remediation

Install security update from vendor's website.

Sources

https://github.com/MISP/MISP/security/advisories/GHSA-3939-4g6m-m3hc

Improper access control in MISP - #VU128495

Detailed vulnerability description

Remediation

Sources

Please verify you're human