漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
N/A
Vulnerability Description
In OpenCTI through 5.2.4, a broken access control vulnerability has been identified in the profile endpoint. An attacker can abuse the identified vulnerability in order to arbitrarily change their registered e-mail address as well as their API key, even though such action is not possible through the interface, legitimately.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
OpenCTI 安全漏洞
Vulnerability Description
OpenCTI是OpenCTI的开放网络威胁情报平台。 OpenCTI 5.2.4版本及之前版本存在安全漏洞。攻击者利用该漏洞滥用已识别的漏洞来任意更改他们注册的电子邮件地址以及他们的 API 密钥。
CVSS Information
N/A
Vulnerability Type
N/A