Vulnerability Database

309,130

Total vulnerabilities in the database

CVE-2024-45805

OpenCTI is an open-source cyber threat intelligence platform. Before 6.3.0, general users can access information that can only be accessed by users with access privileges to admin and support information (SETTINGS_SUPPORT). This is due to inadequate access control for support information (http://<opencti_domain>/storage/get/support/UUID/UUID.zip), and that the UUID is available to general users using an attached query (logs query). This vulnerability is fixed in 6.3.0.

Published: Dec 26, 2024
Updated: Nov 16, 2025
CVE: CVE-2024-45805
Severity: Low
Exploit:

CVSS v3:

Severity: Low
Score: 4.3
AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

CWEs:

OWASP TOP 10:

A5 - Broken Access Control

Affected Software
References

Software	From	Fixed in
citeum / opencti	-	6.3.0

https://github.com/OpenCTI-Platform/opencti/security/advisories/GHSA-42mm-c8x3-g5q6

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo