GLPI is an open-source asset and IT management software package that provides ITIL Service Desk features, licenses tracking and software auditing. An authenticated user can exploit a SQL injection vulnerability in some AJAX scripts to alter another user account data and take control of it. Upgrade to 10.0.16.
Metrics
Affected Vendors & Products
References
History
Tue, 19 Nov 2024 15:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Glpi-project
Glpi-project glpi |
|
CPEs | cpe:2.3:a:glpi-project:glpi:*:*:*:*:*:*:*:* | |
Vendors & Products |
Glpi-project
Glpi-project glpi |
|
Metrics |
ssvc
|
MITRE
Status: PUBLISHED
Assigner: GitHub_M
Published: 2024-07-10T19:18:09.444Z
Updated: 2024-11-19T14:15:49.487Z
Reserved: 2024-06-03T17:29:38.328Z
Link: CVE-2024-37148
Vulnrichment
Updated: 2024-08-02T03:50:55.237Z
NVD
Status : Awaiting Analysis
Published: 2024-07-10T20:15:03.280
Modified: 2024-11-21T09:23:18.003
Link: CVE-2024-37148
Redhat
No data.