CVE-2022-39370

GLPI stands for Gestionnaire Libre de Parc Informatique. GLPI is a Free Asset and IT Management Software package that provides ITIL Service Desk features, licenses tracking and software auditing. Connected users may gain access to debug panel through the GLPI update script. This issue has been patched, please upgrade to 10.0.4. As a workaround, delete the `install/update.php` script.
References
Configurations

Configuration 1 (hide)

cpe:2.3:a:glpi-project:glpi:*:*:*:*:*:*:*:*

History

27 Jun 2023, 17:27

Type Values Removed Values Added
CWE CWE-863 NVD-CWE-Other

Information

Published : 2022-11-03 16:15

Updated : 2024-02-28 19:29


NVD link : CVE-2022-39370

Mitre link : CVE-2022-39370

CVE.ORG link : CVE-2022-39370


JSON object : View

Products Affected

glpi-project

  • glpi
CWE
NVD-CWE-Other CWE-284

Improper Access Control