9
CVE-2020-11060
- EPSS 10.95%
- Veröffentlicht 12.05.2020 20:15:11
- Zuletzt bearbeitet 21.11.2024 04:56:42
- CVE-Watchlists
- Unerledigt
Remote Code Execution in GLPI
In GLPI before 9.4.6, an attacker can execute system commands by abusing the backup functionality. Theoretically, this vulnerability can be exploited by an attacker without a valid account by using a CSRF. Due to the difficulty of the exploitation, the attack is only conceivable by an account having Maintenance privileges and the right to add WIFI networks. This is fixed in version 9.4.6.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Glpi-project ≫ Glpi Version < 9.4.6
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 10.95% | 0.953 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 8.8 | 2.8 | 5.9 |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
|
| nvd@nist.gov | 9 | 8 | 10 |
AV:N/AC:L/Au:S/C:C/I:C/A:C
|
| security-advisories@github.com | 7.4 | 3.1 | 3.7 |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L
|
CWE-352 Cross-Site Request Forgery (CSRF)
The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.
CWE-74 Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
The product constructs all or part of a command, data structure, or record using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify how it is parsed or interpreted when it is sent to a downstream component.
http://packetstormsecurity.com/files/163119/GLPI-9.4.5-Remote-Code-Execution.html
https://github.com/glpi-project/glpi/commit/ad748d59c94da177a3ed25111c453902396f320c
https://github.com/glpi-project/glpi/security/advisories/GHSA-cvvq-3fww-5v6f