CVE-2025-24887

{"id": "CVE-2025-24887", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "security-advisories@github.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "LOW", "confidentialityImpact": "LOW"}, "impactScore": 3.4, "exploitabilityScore": 2.8}, {"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "LOW", "confidentialityImpact": "LOW"}, "impactScore": 3.4, "exploitabilityScore": 2.8}]}, "published": "2025-04-30T19:15:55.070", "references": [{"url": "https://github.com/OpenCTI-Platform/opencti/security/advisories/GHSA-8262-pw2q-5qc3", "tags": ["Vendor Advisory"], "source": "security-advisories@github.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "security-advisories@github.com", "description": [{"lang": "en", "value": "CWE-284"}, {"lang": "en", "value": "CWE-657"}]}, {"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "OpenCTI is an open-source cyber threat intelligence platform. In versions starting from 6.4.8 to before 6.4.10, the allow/deny lists can be bypassed, allowing a user to change attributes that are intended to be unmodifiable by the user. It is possible to toggle the `external` flag on/off and change the own token value for a user. It is also possible to edit attributes that are not in the allow list, such as `otp_qr` and `otp_activated`. If external users exist in the OpenCTI setup and the information about these users identities is sensitive, the above vulnerabilities can be used to enumerate existing user accounts as a standard low privileged user. This issue has been patched in version 6.4.10."}, {"lang": "es", "value": "OpenCTI es una plataforma de inteligencia de ciberamenazas de c\u00f3digo abierto. En versiones desde la 6.4.8 hasta anteriores a la 6.4.10, se pueden omitir las listas de permitidos/denegados, lo que permite al usuario cambiar atributos que no se deben modificar. Es posible activar o desactivar la opci\u00f3n \"external\" y cambiar el valor del token de un usuario. Tambi\u00e9n es posible editar atributos que no est\u00e1n en la lista de permitidos, como \"otp_qr\" y \"otp_activated\". Si existen usuarios externos en la configuraci\u00f3n de OpenCTI y la informaci\u00f3n sobre sus identidades es confidencial, las vulnerabilidades mencionadas anteriormente se pueden utilizar para enumerar las cuentas de usuario existentes como un usuario est\u00e1ndar con privilegios bajos. Este problema se ha corregido en la versi\u00f3n 6.4.10."}], "lastModified": "2025-05-19T11:51:33.870", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:citeum:opencti:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5CD9EE37-D774-47BF-9839-67971932C2CB", "versionEndIncluding": "6.4.10", "versionStartExcluding": "6.4.8"}], "operator": "OR"}]}], "sourceIdentifier": "security-advisories@github.com"}