CVE-2015-5719
UnknownEPSS 2.27%
Last modified
CVE-2015-5719 is a vulnerability of currently unknown severity. app/Controller/TemplatesController.php in Malware Information Sharing Platform (MISP) before 2.3.92 does not properly restrict filenames under the tmp/files/ directory, which has unspecified impact and attack vectors.. EPSS estimates a 2.27% chance of exploitation in the next 30 days.
Description
app/Controller/TemplatesController.php in Malware Information Sharing Platform (MISP) before 2.3.92 does not properly restrict filenames under the tmp/files/ directory, which has unspecified impact and attack vectors.
Metrics
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Misp-Project | Misp | <= 2.3.91 |
References
- https://github.com/MISP/MISP/commit/27cc167c3355ec76292235d7f5f4e0016bfd7699Issue Tracking, Patch
- https://www.circl.lu/advisory/CVE-2015-5719/Third Party Advisory
- https://github.com/MISP/MISP/commit/27cc167c3355ec76292235d7f5f4e0016bfd7699Issue Tracking, Patch
- https://www.circl.lu/advisory/CVE-2015-5719/Third Party Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2015-5719?
app/Controller/TemplatesController.php in Malware Information Sharing Platform (MISP) before 2.3.92 does not properly restrict filenames under the tmp/files/ directory, which has unspecified impact and attack vectors.
How severe is CVE-2015-5719?
Severity scoring for CVE-2015-5719 is pending analysis. The EPSS model estimates a 2.27% probability of exploitation in the next 30 days.
How do I fix CVE-2015-5719?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.
Are you affected by CVE-2015-5719?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST