exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 5

CVE-2022-35947

почти 3 года назад

GLPI stands for Gestionnaire Libre de Parc Informatique and is a Free Asset and IT Management Software package, that provides ITIL Service Desk features, licenses tracking and software auditing. Affected versions have been found to be vulnerable to a SQL injection attack which an attacker could leverage to simulate an arbitrary user login. Users are advised to upgrade to version 10.0.3. Users unable to upgrade should disable the `Enable login with external token` API configuration.

CVSS3: 10

EPSS: Низкий

CVE-2022-35947

почти 3 года назад

GLPI stands for Gestionnaire Libre de Parc Informatique and is a Free Asset and IT Management Software package, that provides ITIL Service Desk features, licenses tracking and software auditing. Affected versions have been found to be vulnerable to a SQL injection attack which an attacker could leverage to simulate an arbitrary user login. Users are advised to upgrade to version 10.0.3. Users unable to upgrade should disable the `Enable login with external token` API configuration.

CVSS3: 10

EPSS: Низкий

CVE-2022-35947

почти 3 года назад

GLPI stands for Gestionnaire Libre de Parc Informatique and is a Free ...

CVSS3: 10

EPSS: Низкий

BDU:2024-05817

почти 3 года назад

Уязвимость системы работы с заявками и инцидентами GLPI, связанная с непринятием мер по защите структуры запроса SQL, используемых в команде SQL, позволяющая нарушителю проводить атаки SQL-инъекцией

CVSS3: 9.8

EPSS: Низкий

ROS-20240726-01

11 месяцев назад

Множественные уязвимости glpi

CVSS3: 9.8

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2022-35947 GLPI stands for Gestionnaire Libre de Parc Informatique and is a Free Asset and IT Management Software package, that provides ITIL Service Desk features, licenses tracking and software auditing. Affected versions have been found to be vulnerable to a SQL injection attack which an attacker could leverage to simulate an arbitrary user login. Users are advised to upgrade to version 10.0.3. Users unable to upgrade should disable the `Enable login with external token` API configuration.	CVSS3: 10	0% Низкий	почти 3 года назад
CVE-2022-35947 GLPI stands for Gestionnaire Libre de Parc Informatique and is a Free Asset and IT Management Software package, that provides ITIL Service Desk features, licenses tracking and software auditing. Affected versions have been found to be vulnerable to a SQL injection attack which an attacker could leverage to simulate an arbitrary user login. Users are advised to upgrade to version 10.0.3. Users unable to upgrade should disable the `Enable login with external token` API configuration.	CVSS3: 10	0% Низкий	почти 3 года назад
CVE-2022-35947 GLPI stands for Gestionnaire Libre de Parc Informatique and is a Free ...	CVSS3: 10	0% Низкий	почти 3 года назад
BDU:2024-05817 Уязвимость системы работы с заявками и инцидентами GLPI, связанная с непринятием мер по защите структуры запроса SQL, используемых в команде SQL, позволяющая нарушителю проводить атаки SQL-инъекцией	CVSS3: 9.8	0% Низкий	почти 3 года назад
ROS-20240726-01 Множественные уязвимости glpi	CVSS3: 9.8		11 месяцев назад

Уязвимостей на страницу