Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Opencti Security Vulnerabilities

cve
cve

CVE-2024-26139

OpenCTI is an open source platform allowing organizations to manage their cyber threat intelligence knowledge and observables. Due to lack of certain security controls on the profile edit functionality, an authenticated attacker with low privileges can gain administrative privileges on the web...

8.3CVSS

7AI Score

0.0004EPSS

2024-05-23 12:15 PM
57
cve
cve

CVE-2022-30290

In OpenCTI through 5.2.4, a broken access control vulnerability has been identified in the profile endpoint. An attacker can abuse the identified vulnerability in order to arbitrarily change their registered e-mail address as well as their API key, even though such action is not possible through...

7.5CVSS

7.4AI Score

0.001EPSS

2022-07-05 01:15 PM
473
5
cve
cve

CVE-2022-30289

A stored Cross-site Scripting (XSS) vulnerability was identified in the Data Import functionality of OpenCTI through 5.2.4. An attacker can abuse the vulnerability to upload a malicious file that will then be executed by a victim when they open the file...

5.4CVSS

5.2AI Score

0.001EPSS

2022-07-05 12:15 PM
31
3