CVE-2017-11183

Опубликовано: 28 июл. 2017

Источник: nvd

CVSS3: 4.9

CVSS2: 5.5

EPSS Низкий

Описание

front/backup.php in GLPI before 9.1.5 allows remote authenticated administrators to delete arbitrary files via a crafted file parameter.

Ссылки

https://github.com/glpi-project/glpi/issues/2450
Third Party Advisory
https://github.com/glpi-project/glpi/releases/tag/9.1.5
Third Party Advisory
https://github.com/glpi-project/glpi/issues/2450
Third Party Advisory
https://github.com/glpi-project/glpi/releases/tag/9.1.5
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:glpi-project:glpi:*:*:*:*:*:*:*:*

Версия до 9.1.4 (включая)

EPSS

Процентиль: 61%

0.00414

Низкий

4.9 Medium

CVSS3

5.5 Medium

CVSS2

Дефекты

CWE-20

Связанные уязвимости

CVE-2017-11183

CVSS3: 4.9

ubuntu

больше 8 лет назад

front/backup.php in GLPI before 9.1.5 allows remote authenticated administrators to delete arbitrary files via a crafted file parameter.

CVE-2017-11183

CVSS3: 4.9

debian

больше 8 лет назад

front/backup.php in GLPI before 9.1.5 allows remote authenticated admi ...

GHSA-xfjg-rw3q-526r

CVSS3: 4.9

github

больше 3 лет назад

front/backup.php in GLPI before 9.1.5 allows remote authenticated administrators to delete arbitrary files via a crafted file parameter.

EPSS

Процентиль: 61%

0.00414

Низкий

4.9 Medium

CVSS3

5.5 Medium

CVSS2

Дефекты

CWE-20