CVE-2014-5032

Опубликовано: 14 апр. 2015

Источник: debian

EPSS Низкий

Описание

GLPI before 0.84.7 does not properly restrict access to cost information, which allows remote attackers to obtain sensitive information via the cost criteria in the search bar.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
glpi	removed			package

Примечания

https://www.openwall.com/lists/oss-security/2014/07/22/6
Only supported behind an authenticated HTTP zone

EPSS

Процентиль: 59%

0.00388

Низкий

Связанные уязвимости

CVE-2014-5032

ubuntu

почти 11 лет назад

GLPI before 0.84.7 does not properly restrict access to cost information, which allows remote attackers to obtain sensitive information via the cost criteria in the search bar.

CVE-2014-5032

nvd

почти 11 лет назад

GLPI before 0.84.7 does not properly restrict access to cost information, which allows remote attackers to obtain sensitive information via the cost criteria in the search bar.

GHSA-j5q8-29xm-2qr8

github

больше 3 лет назад

GLPI before 0.84.7 does not properly restrict access to cost information, which allows remote attackers to obtain sensitive information via the cost criteria in the search bar.

EPSS

Процентиль: 59%

0.00388

Низкий