PT-2025-31389 · Glpi · Glpi

Geraldino2 · Published 2025-07-30 · Updated 2025-07-30 · CVE-2025-53113

CVSS v3.1: 2.7
Vector: AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N

Name of the Vulnerable Software and Affected Versions:

GLPI versions 0.65 through 10.0.18

Description:

GLPI is a Free Asset and IT Management Software package that provides ITIL Service Desk features, license tracking and software auditing. In versions 0.65 through 10.0.18, a technician can use the external links feature to access information on items they are not authorized to view.

Recommendations:

Update to version 10.0.19 or later.

Fix

Weakness Enumeration

Missing Authorization
Improper Access Control

Related Identifiers

CVE-2025-53113
GHSA-R2MM-6499-4M8J

Affected Products

Glpi