CVE-2021-39211

Опубликовано: 15 сент. 2021

Источник: ubuntu

Приоритет: medium

EPSS Средний

CVSS2: 5

CVSS3: 5.3

Описание

GLPI is a free Asset and IT management software package. Starting in version 9.2 and prior to version 9.5.6, the telemetry endpoint discloses GLPI and server information. This issue is fixed in version 9.5.6. As a workaround, remove the file ajax/telemetry.php, which is not needed for usual functions of GLPI.

Релиз	Статус	Примечание
bionic	DNE
devel	DNE
esm-apps/xenial	needed
esm-infra-legacy/trusty	DNE
esm-infra/focal	DNE
focal	DNE
hirsute	DNE
impish	DNE
jammy	DNE
kinetic	DNE

Показывать по

Ссылки на источники

EPSS

Процентиль: 98%

0.54404

Средний

5 Medium

CVSS2

5.3 Medium

CVSS3

Связанные уязвимости

CVE-2021-39211

CVSS3: 5.3

nvd

больше 4 лет назад

GLPI is a free Asset and IT management software package. Starting in version 9.2 and prior to version 9.5.6, the telemetry endpoint discloses GLPI and server information. This issue is fixed in version 9.5.6. As a workaround, remove the file `ajax/telemetry.php`, which is not needed for usual functions of GLPI.

CVE-2021-39211

CVSS3: 5.3

debian

больше 4 лет назад

GLPI is a free Asset and IT management software package. Starting in v ...

EPSS

Процентиль: 98%

0.54404

Средний

5 Medium

CVSS2

5.3 Medium

CVSS3

CVE-2021-39211

Описание

Пакет glpi

Ссылки на источники

Связанные уязвимости