July 11, 2023
We are pleased to announce the immediate availability of MISP v2.4.173 with a new password reset feature, along with a host of quality-of-life improvements and fixes.
Password reset self-service
We have added new functionality allowing administrators to enable user self-service for forgotten passwords. When enabled, users will see an additional link below the login screen, allowing them to enter their e-mail address and receive a token that can be used to reset their password.
The feature requires the user to have a valid encryption key, and the token lifetime is hard-coded to 10 minutes.
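The mechanism described above (a time-limited token issued only to users who have an encryption key on file, usable once) can be illustrated with a small self-contained implementation. This is an added example, not MISP's own code; the class and function names, the injectable clock, and the sample users are assumptions made for the illustration. The 10-minute lifetime matches the announcement.

```python
import hashlib
import hmac
import secrets
import time
from dataclasses import dataclass

# The announcement states the token lifetime is hard-coded to 10 minutes.
TOKEN_LIFETIME_SECONDS = 10 * 60


@dataclass
class User:
    email: str
    has_encryption_key: bool      # a reset is only offered when this is true
    password_record: bytes = b""  # salt + PBKDF2 hash, set on successful reset


@dataclass
class ResetRequest:
    token_hash: str   # only a hash of the token is kept at rest
    expires_at: float
    used: bool = False


class PasswordResetService:
    """Hypothetical reset-token service (not MISP's implementation)."""

    def __init__(self, users, clock=time.time):
        self.users = {u.email.lower(): u for u in users}
        self.clock = clock          # injectable so expiry can be tested
        self.pending = {}           # email -> ResetRequest

    def request_reset(self, email):
        user = self.users.get(email.lower())
        # Unknown address and address without a key get the same outcome, so the
        # endpoint does not reveal which e-mail addresses exist in the instance.
        if user is None or not user.has_encryption_key:
            return None
        token = secrets.token_urlsafe(32)
        self.pending[user.email.lower()] = ResetRequest(
            token_hash=hashlib.sha256(token.encode()).hexdigest(),
            expires_at=self.clock() + TOKEN_LIFETIME_SECONDS,
        )
        return token  # in a real deployment this is delivered by (encrypted) e-mail

    def complete_reset(self, email, token, new_password):
        req = self.pending.get(email.lower())
        if req is None or req.used or self.clock() > req.expires_at:
            return False
        presented = hashlib.sha256(token.encode()).hexdigest()
        # Constant-time comparison of the hashes
        if not hmac.compare_digest(presented, req.token_hash):
            return False
        req.used = True
        salt = secrets.token_bytes(16)
        digest = hashlib.pbkdf2_hmac("sha256", new_password.encode(), salt, 200_000)
        self.users[email.lower()].password_record = salt + digest
        del self.pending[email.lower()]  # single use
        return True


if __name__ == "__main__":
    # Constructed sample users
    svc = PasswordResetService([User("alice@example.org", True),
                                User("bob@example.org", False)])
    tok = svc.request_reset("alice@example.org")
    print("issued token:", tok is not None)
    print("reset ok:", svc.complete_reset("alice@example.org", tok, "new-pass"))
    print("replay ok:", svc.complete_reset("alice@example.org", tok, "again"))
```

Storing only a hash of the token means a read of the pending-reset table does not yield usable tokens, and the single-use flag plus the short lifetime limit the window in which a leaked token (for example from a mail log) is worth anything.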
New dashboard widgets
The dashboard has seen another round of improvements, with various fixes and new widgets added. 2.4.173 includes the following new widgets:
- Logarithmic events/org chart (Thanks @vincenzocaputo)
- ATT&CK heatmap widget
Additionally, you can now download the raw data used to feed each widget.
Two vulnerabilities have also been resolved:
Stored XSS via select page titles
Improper sanitisation of user-controlled data ending up in view titles led to stored XSS.
Huge thanks to Ulaş Deniz İlhan from Zigrin Security (absolute heroes at discovering vulnerabilities in MISP!)
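The vulnerability class above is the classic one: a value a user controls (here, text that ends up in a page title) is concatenated into markup without output encoding. The following added example, which is not MISP's code and uses a constructed title, shows the vulnerable pattern beside the hardened one, where the title is escaped at the point it is rendered.

```python
from html import escape

# Constructed sample: an event name a user could supply that contains markup
CONSTRUCTED_TITLE = "Event 42 <script>alert(1)</script>"


def render_title_unsafe(page_title):
    """Vulnerable pattern: user-controlled text is dropped straight into HTML."""
    return f"<title>{page_title}</title><h1>{page_title}</h1>"


def render_title_safe(page_title):
    """Hardened: escape on output so markup characters render as literal text."""
    safe = escape(page_title, quote=True)
    return f"<title>{safe}</title><h1>{safe}</h1>"


def contains_raw_tag(rendered, tag="<script"):
    """Helper used to show the difference: does the output still carry the tag?"""
    return tag in rendered.lower()


if __name__ == "__main__":
    print(render_title_unsafe(CONSTRUCTED_TITLE))
    print(render_title_safe(CONSTRUCTED_TITLE))
```

Escaping at output time (rather than trying to strip "bad" characters on input) is what makes the fix robust: the stored value is left intact, and every place that renders it applies the encoding appropriate to that context.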
RCE via uploaded certificates
Malicious administrators could trigger RCE by uploading a well-crafted file as an SSL certificate for the sync connection.
Additional information on the vulnerability can be found in the excellent blog post from Synacktiv.
Huge thanks to @righel for finding and fixing the vulnerability!
A long list of fixes
As always, we have been diligent about including a long list of fixes, including for issues with server sync certificate handling, URL encoding of spaces in search strings, CSRF errors and much more! For a detailed list of fixes, please refer to the changelog.
MISP Objects and Relationships
- Updated relationships to include the ones used by LookyLoo
- Many improvements following OASIS STIX TC
For more details, the misp-object changelog is available.
MISP Galaxy
- Updated threat actor database to include Budapest Convention relation.
For more details, the misp-galaxy changelog is available.
MISP Warninglists
- New digitalSide.IT warninglist added.
- Updated warning-lists for all sources.
For more details, the misp-warninglists changelog is available.
MISP Taxonomies
For more details, the misp-taxonomies changelog is available.
Don’t forget to follow us on Mastodon
The MISP project has its own Mastodon server misp-community.org - don’t forget to follow @email@example.com on the fediverse. Core contributors of MISP can sign up if they wish to have an account.
MISP Professional Services
MISP Professional Services (MPS) is a program handled by the lead developers of the MISP Project, in order to offer highly skilled services around MISP and to support the sustainability of the MISP project. This initiative is meant to address the policy requirements of companies and organisations requiring commercial support contracts. Don’t hesitate to get in touch with us if you need specific services.