CVE-2026-56423: MISP Core instance-wide unauthorized deletion of event reports and sharing groups

AI prediction: 6.5 · Exploit difficulty: relatively easy · EPSS 0.26% · P17

I. Basic Information for CVE-2026-56423

Vulnerability Information

Vulnerability Title
MISP Core: Broken access control allows instance-wide unauthorized deletion of event reports and sharing groups via bulk deletion endpoints
Source: U.S. National Vulnerability Database (NVD)
Vulnerability Description
MISP Core contained broken access-control checks in the bulk deletion flows for Event Reports and Sharing Groups. The affected deleteSelection handlers authorized deletion using broad role-level permissions instead of validating authorization for each selected object.

For Event Reports, EventReportsController::deleteSelection relied on the global perm_add capability rather than a per-report ownership/authorization check. As a result, a contributor-level user could submit report IDs or UUIDs for reports belonging to other organisations and hard-delete them instance-wide. The fix changed the callback to call EventReport::fetchIfAuthorized($user, $itemId, 'delete') for each selected report before deletion.

For Sharing Groups, SharingGroupsController::deleteSelection relied on the global perm_sharing_group capability rather than verifying ownership of each selected sharing group. This allowed a sharing-group-capable user to hard-delete sharing groups owned by other organisations, bypassing the per-object ownership gate used by the single-object delete action. The fix changed the callback to call SharingGroup::checkIfOwner($user, $itemId) for each selected sharing group.

An authenticated attacker with the relevant broad role permission could abuse the affected bulk deletion endpoints to delete objects outside their organisation’s authorization scope, causing loss of event-report content or sharing-group configuration across the instance.
Source: U.S. National Vulnerability Database (NVD)
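The description above contrasts a single role-level check with per-object authorization inside a bulk deletion handler. The following is an added example, not MISP's code (MISP is written in PHP): a Python model of both patterns over constructed data. The same-organisation ownership rule and every name in it are assumptions made for illustration.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class User:
    org_id: int
    perm_add: bool  # broad role-level capability, as named in the description


@dataclass
class Report:
    id: int
    org_id: int  # owning organisation (assumed ownership model)


class ReportStore:
    def __init__(self, reports):
        self.reports = {r.id: r for r in reports}

    def fetch_if_authorized(self, user, report_id, action):
        """Hypothetical per-object check: return the report only if this
        user may perform `action` on this specific report, else None."""
        report = self.reports.get(report_id)
        if report is None or action != "delete":
            return None
        return report if user.perm_add and report.org_id == user.org_id else None


def delete_selection_role_only(store, user, ids):
    """Pre-fix pattern: one role-level check covers every submitted ID."""
    if not user.perm_add:
        raise PermissionError("role lacks perm_add")
    return [i for i in ids if store.reports.pop(i, None) is not None], []


def delete_selection_per_object(store, user, ids):
    """Post-fix pattern: every selected ID is authorized on its own."""
    deleted, refused = [], []
    for i in ids:
        if store.fetch_if_authorized(user, i, "delete") is None:
            refused.append(i)  # unknown or foreign object: skip, and log it
            continue
        del store.reports[i]
        deleted.append(i)
    return deleted, refused


def sample_store():
    # Constructed data: reports 1 and 2 belong to org 10, report 3 to org 20.
    return ReportStore([Report(1, 10), Report(2, 10), Report(3, 20)])
```

Returning the refused IDs separately gives the handler something to log, so a bulk request naming objects outside the caller's organisation leaves a trace instead of failing silently.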
CVSS Information
N/A
Source: U.S. National Vulnerability Database (NVD)
Vulnerability Type
Missing Authorization
Source: U.S. National Vulnerability Database (NVD)

Affected Products

Vendor: misp · Product: misp · Affected versions: 0 ~ 2.5.41 · CPE: -

II. Public PoCs for CVE-2026-56423

No public PoC found.

III. Intelligence Information for CVE-2026-56423

Patches and fixes for CVE-2026-56423 (2)

Security advisories in the same batch · misp · 2026-06-22 · 6 in total

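CVE-2026-56447 MISP remote code execution vulnerability
CVE-2026-56424 MISP Core unauthorized data modification and deletion vulnerability
CVE-2026-56446 MISP NDJSON error log path remote code execution vulnerability
CVE-2026-56425 MISP AAD authentication plugin: improper OAuth state handling, missing session rotation, insecure redirect URI validation and log injection vulnerabilities
CVE-2026-56422 MISP Core unvalidated request fields leading to mass assignment and object re-ownership vulnerability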

IV. Related Vulnerabilities
