Summary
General users can access information that can only be accessed by users with access privileges to admin and support information (SETTINGS_SUPPORT).
Details
General users can access information that can only be accessed by users with access privileges to admin and support information (SETTINGS_SUPPORT). This is due to inadequate access control for support information (http://<opencti_domain>/storage/get/support/UUID/UUID.zip), and that the UUID is available to general users using an attached query (logs query).
Impact
An attacker with general user privileges can gain unauthorized access to software and OS version information and so on that can only be accessed by admin. This allows them to collect information necessary for their additional attacks, which may lead to further damage.
YusukeJustinNakajima Reporter
Summary
General users can access information that can only be accessed by users with access privileges to admin and support information (SETTINGS_SUPPORT).
Details
General users can access information that can only be accessed by users with access privileges to admin and support information (SETTINGS_SUPPORT). This is due to inadequate access control for support information (http://<opencti_domain>/storage/get/support/UUID/UUID.zip), and that the UUID is available to general users using an attached query (logs query).
Impact
An attacker with general user privileges can gain unauthorized access to software and OS version information and so on that can only be accessed by admin. This allows them to collect information necessary for their additional attacks, which may lead to further damage.