CVE-2024-27098

GLPI is a Free Asset and IT Management Software package, Data center management, ITIL Service Desk, licenses tracking and software auditing. An authenticated user can execute a SSRF based attack using Arbitrary Object Instantiation. This issue has been patched in version 10.0.13.
Configurations

No configuration.

History

18 Mar 2024, 17:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-03-18 17:15

Updated : 2024-03-18 19:40


NVD link : CVE-2024-27098

Mitre link : CVE-2024-27098

CVE.ORG link : CVE-2024-27098


JSON object : View

Products Affected

No product.

CWE
CWE-918

Server-Side Request Forgery (SSRF)