CVE advisoryCRITICAL
CVE-2021-25323
MISP Password Change Vulnerability CVE-2021-25323
Halo Surface Signal: 4 out of 5 — likely to be public-facing.
A security misconfiguration in MISP allows an unauthenticated attacker to change user passwords without prior authentication, potentially granting unauthorized access to sensitive threat intelligence data. This occurs because password change requirements were not enabled by default in the affected version. Confirmation