Vulnerability CVE-2020-15226: Information

Description

In GLPI before version 9.5.2, there is a SQL Injection in the API's search function. Not only is it possible to break the SQL syntax, but it is also possible to utilise a UNION SELECT query to reflect sensitive information such as the current database version, or database user. The most likely scenario for this vulnerability is with someone who has an API account to the system. The issue is patched in version 9.5.2. A proof-of-concept with technical details is available in the linked advisory.

Severity: MEDIUM (4.3) Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

URL: https://nvd.nist.gov/vuln/detail/CVE-2020-15226
Published: Oct. 7, 2020
Modified: Oct. 14, 2020
Error type identifier: CWE-89

Fixed packages

Package name
Branch
Fixed in version
Version from repository
Errata ID
Task #
State
glpisisyphus9.5.2-alt210.0.15-alt1ALT-PU-2020-3130-1260499Fixed
glpip109.5.2-alt210.0.15-alt1ALT-PU-2020-3130-1260499Fixed
glpip99.5.2-alt29.5.13-alt1ALT-PU-2020-3162-1260536Fixed
glpic10f19.5.2-alt29.5.13-alt1ALT-PU-2020-3130-1260499Fixed

References to Advisories, Solutions, and Tools

Hyperlink
Resource
https://github.com/glpi-project/glpi/security/advisories/GHSA-jwpv-7m4h-5gvc
  • Exploit
  • Third Party Advisory
https://github.com/glpi-project/glpi/commit/3dc4475c56b241ad659cc5c7cb5fb65727409cf0
  • Patch
  • Vendor Advisory

    1. Configuration 1

      cpe:2.3:a:glpi-project:glpi:*:*:*:*:*:*:*:*
      End excliding
      9.5.2
VKontakte|Telegram|YouTube|Forum|GitHub|Bugzilla
Version: v24.5.0
Back to top