MEDIUMpublic-safe

CVE-2019-12794

NVD: An issue was discovered in MISP 2.4.108. NVD: Organization admins could reset credentials for site admins (organization admins have the inherent ability to reset passwords for all of their organization's users). NVD: This, however, could be abused in a situation where the host organization of an instance creates organization admins.

CVSS
6.6 Severity
MEDIUM EPSS
0.0093 (56) KEV
-

Source-published summary

Possible impact

This medium severity issue needs human triage to confirm exposure, affected versions, and vendor guidance for defensive exposure review.

Affected context

vendor/product: misp-project / misp; affected version context: 2.4.108

Remediation / advisory

Remediation reference present; patch status requires confirmation in the linked advisory.

Why it matters

This medium severity issue needs human triage to confirm exposure, affected versions, and vendor guidance for defensive exposure review.; CVSS 6.6 (MEDIUM); EPSS percentile 56; not listed in KEV; Remediation reference present; patch status requires confirmation in the linked advisory; sources: NVD, OSV.

What to verify

Confirm affected product/version, vendor advisory, patch or mitigation, and exposure.

Exposure hint

exposure unknown

Impact tags

明示タグなし

Urgency reasons

affected product presentvendor advisory presentrecent updateremediation reference present

Source-derived note

Summary derived from NVD / OSV description; unsafe procedural detail is not shown.

Redaction metadata

source summary used: True
fallback summary used: False
unsafe procedural detail present: false
raw source displayed: false
public summary redacted: true

Remediation handoff

Public-safe static handoff for human/Codex remediation planning. Scan, patch, external execution, and auto remediation are disabled.

Handoff JSON Handoff Markdown Safe Codex prompt

Safety note

This radar shows source-published defensive context only. Exploit procedures, exploit strings, scanner commands, and auto-remediation are not provided.