CVE-2020-8892
published 2020-02-12CVE-2020-8892: An issue was discovered in MISP before 2.4.121. It did not consider the HTTP PUT method when trying to block a brute-force series of invalid requests.
PriorityP339high8.1CVSS 3.1
AVNACHPRNUINSUCHIHAH
EPSS
1.72%
74.6th percentile
An issue was discovered in MISP before 2.4.121. It did not consider the HTTP PUT method when trying to block a brute-force series of invalid requests.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| misp-project | misp | < 2.4.121 | 2.4.121 |
CVSS provenance
nvdv3.18.1HIGHCVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
nvdv2.06.8MEDIUMAV:N/AC:M/Au:N/C:P/I:P/A:P
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
VulDB
MISP up to 2.4.120 HTTP PUT Request Remote Code Execution
vuldb·2026-06-23·CVSS 8.1
CVE-2020-8892 [HIGH] MISP up to 2.4.120 HTTP PUT Request Remote Code Execution
A vulnerability, which was classified as critical, was found in MISP up to 2.4.120. Affected by this vulnerability is an unknown functionality of the component HTTP PUT Handler. Executing a manipulation as part of Request can lead to Remote Code Execution.
This vulnerability is registered as CVE-2020-8892. It is possible to launch the attack remotely. No exploit is available.
You should upgrade the affected component.
GHSA
GHSA-2xc2-rj8c-xgm7: An issue was discovered in MISP before 2
ghsa_unreviewed·2022-05-24
CVE-2020-8892 [MEDIUM] GHSA-2xc2-rj8c-xgm7: An issue was discovered in MISP before 2
An issue was discovered in MISP before 2.4.121. It did not consider the HTTP PUT method when trying to block a brute-force series of invalid requests.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
https://github.com/MISP/MISP/commit/934c82819237b4edf1da64587b72a87bec5dd520https://github.com/MISP/MISP/commit/c1a0b3b2809b21b4df8c1efbc803aff700e262c3https://github.com/MISP/MISP/compare/v2.4.120...v2.4.121https://github.com/MISP/MISP/commit/934c82819237b4edf1da64587b72a87bec5dd520https://github.com/MISP/MISP/commit/c1a0b3b2809b21b4df8c1efbc803aff700e262c3https://github.com/MISP/MISP/compare/v2.4.120...v2.4.121
2020-02-12
Published