CVE-2023-34107

CVSS v3.1

6.5

Medium

Vector

AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions GLPI versions 9.2.0 through 10.0.7

Description The issue is related to an incorrect rights check on a file accessible by an authenticated user, allowing access to view all KnowbaseItems.

Recommendations For versions 9.2.0 through 10.0.7, update to version 10.0.8 to resolve the issue.

Exploit

Fix

Incorrect Authorization

Improper Access Control

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-863CWE-284

Related Identifiers

ALT-PU-2023-4552

ALT-PU-2023-7633

ALT-PU-2024-8030

CVE-2023-34107

GHSA-966H-XRF5-PMJ4

Affected Products

Alt Linux

Glpi

Red Os

CVE-2023-34107

Weakness Enumeration

Related Identifiers

Affected Products

References · 17