exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 5

CVE-2025-23046

4 месяца назад

GLPI is a free asset and IT management software package. Starting in version 9.5.0 and prior to version 10.0.18, if a "Mail servers" authentication provider is configured to use an Oauth connection provided by the OauthIMAP plugin, anyone can connect to GLPI using a user name on which an Oauth authorization has already been established. Version 10.0.18 contains a patch. As a workaround, one may disable any "Mail servers" authentication provider configured to use an Oauth connection provided by the OauthIMAP plugin.

CVSS3: 7.5

EPSS: Низкий

CVE-2025-23046

4 месяца назад

GLPI is a free asset and IT management software package. Starting in version 9.5.0 and prior to version 10.0.18, if a "Mail servers" authentication provider is configured to use an Oauth connection provided by the OauthIMAP plugin, anyone can connect to GLPI using a user name on which an Oauth authorization has already been established. Version 10.0.18 contains a patch. As a workaround, one may disable any "Mail servers" authentication provider configured to use an Oauth connection provided by the OauthIMAP plugin.

CVSS3: 7.5

EPSS: Низкий

CVE-2025-23046

4 месяца назад

GLPI is a free asset and IT management software package. Starting in v ...

CVSS3: 7.5

EPSS: Низкий

BDU:2025-04582

4 месяца назад

Уязвимость системы заявок, инцидентов и инвентаризации компьютерного оборудования GLPI, связанная с неправильной аутентификацией, позволяющая нарушителю обойти процесс аутентификации

CVSS3: 7.5

EPSS: Низкий

ROS-20250402-04

3 месяца назад

Множественные уязвимости glpi

CVSS3: 7.5

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2025-23046 GLPI is a free asset and IT management software package. Starting in version 9.5.0 and prior to version 10.0.18, if a "Mail servers" authentication provider is configured to use an Oauth connection provided by the OauthIMAP plugin, anyone can connect to GLPI using a user name on which an Oauth authorization has already been established. Version 10.0.18 contains a patch. As a workaround, one may disable any "Mail servers" authentication provider configured to use an Oauth connection provided by the OauthIMAP plugin.	CVSS3: 7.5	0% Низкий	4 месяца назад
CVE-2025-23046 GLPI is a free asset and IT management software package. Starting in version 9.5.0 and prior to version 10.0.18, if a "Mail servers" authentication provider is configured to use an Oauth connection provided by the OauthIMAP plugin, anyone can connect to GLPI using a user name on which an Oauth authorization has already been established. Version 10.0.18 contains a patch. As a workaround, one may disable any "Mail servers" authentication provider configured to use an Oauth connection provided by the OauthIMAP plugin.	CVSS3: 7.5	0% Низкий	4 месяца назад
CVE-2025-23046 GLPI is a free asset and IT management software package. Starting in v ...	CVSS3: 7.5	0% Низкий	4 месяца назад
BDU:2025-04582 Уязвимость системы заявок, инцидентов и инвентаризации компьютерного оборудования GLPI, связанная с неправильной аутентификацией, позволяющая нарушителю обойти процесс аутентификации	CVSS3: 7.5	0% Низкий	4 месяца назад
ROS-20250402-04 Множественные уязвимости glpi	CVSS3: 7.5		3 месяца назад

Уязвимостей на страницу