Sensitive Information Disclosure in MISP 2.4.172 Server Sync
CVE-2023-37306 · HIGH Severity
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
MISP 2.4.172 mishandles different certificate file extensions in server sync. An attacker can obtain sensitive information because of the nature of the error messages.
Learn more about our Cis Benchmark Audit For Server Software.