CVE-2026-10855— MISP 安全漏洞

MISP Event template importer authorization bypass

An authorization flaw existed in the MISP Event Template Importer overwrite workflow. When importing an event template in overwrite mode, the application checked whether a matching template already existed but did not verify that the importing user belonged to the organization that owned the existing template. As a result, an authenticated user with access to the template import functionality could forcibly overwrite an event template owned by another organization. Successful exploitation could allow unauthorized modification of another organization’s event template, potentially altering template structure, attributes, or metadata used for subsequent event creation or sharing workflows. Site administrators are not affected by this restriction, as they are explicitly allowed to overwrite templates across organizations. The issue was fixed by enforcing an ownership check before overwrite: non-site-admin users may only overwrite templates owned by their own organization.

N/A

授权机制缺失

MISP 安全漏洞

MISP是MISP开源的一套开源的软件解决方案。该产品用于收集、存储、分发、共享网络安全指标，并具有威胁网络安全事件分析和恶意软件分析等功能。 MISP存在安全漏洞，该漏洞源于覆盖工作流中的授权缺陷，可能导致经过身份验证的用户强制覆盖其他组织拥有的事件模板。

N/A

N/A