CVE-2023-24028: fix: [security] Prevent unauthorized access to decaying import function · MISP/MISP@93bf15d

Skip to content

• • Actions

    Automate any workflow

  • Packages

    Host and manage packages

  • Security

    Find and fix vulnerabilities

  • Codespaces

    Instant dev environments

  • Copilot

    Write better code with AI

  • Code review

    Manage code changes

  • Issues

    Plan and track work

  • Discussions

    Collaborate outside of code

*   Explore
*   All features
*   Documentation
*   GitHub Skills
*   Blog

• • For

  • Enterprise

  • Teams

  • Startups

  • Education

  • By Solution

  • CI/CD & Automation

  • DevOps

  • DevSecOps

  • Case Studies

  • Customer Stories

  • Resources

• • GitHub Sponsors

    Fund open source developers

*   The ReadME Project
    
    GitHub community articles
    

*   Repositories
*   Topics
*   Trending
*   Collections

• Pricing

• Notifications

• Fork 1.2k

• Code

• Issues 2.1k

• Pull requests 62

• Discussions

• Actions

• Projects 9

• Wiki

• Security

• Insights

Permalink

Browse files

fix: [security] Prevent unauthorized access to decaying import function

- as reported by Cyber Controls from SIX Group

• Loading branch information

1 parent a46f794 commit 93bf15d3bd703a32ebfe86cb6c1c9b735cf23e30

Showing 1 changed file with 1 addition and 1 deletion.

@@ -125,7 +125,7 @@ class ACLComponent extends Component

‘decayingModel’ => array(

“update” => array(),

“export” => array(‘*’),

“import” => array(‘*’),

“import” => array(‘OR’ => array('perm_admin’, ‘perm_decaying’)),

“view” => array(‘*’),

“index” => array(‘*’),

“add” => array( ‘OR’ => array('perm_admin’, ‘perm_decaying’)),

0 comments on commit 93bf15d

Please sign in to comment.