CVE-2021-21255

🗓️ 02 Mar 2021 00:00:00Reported by AttackerKBType

GLPI open-source IT management software vulnerability in version 9.5.3 allows IDOR to switch entities of logged-in users. Fixed in version 9.5.4

Reporter	Title	Published	Views	Family All 9
CNVD	Unspecified vulnerability in GLPI (CNVD-2021-17776)	10 Mar 202100:00	–	cnvd
OSV	CVE-2021-21255	2 Mar 202120:15	–	osv
Cvelist	CVE-2021-21255 entities switch IDOR	2 Mar 202119:40	–	cvelist
UbuntuCve	CVE-2021-21255	2 Mar 202100:00	–	ubuntucve
NVD	CVE-2021-21255	2 Mar 202120:15	–	nvd
Prion	Design/Logic Flaw	2 Mar 202120:15	–	prion
CVE	CVE-2021-21255	2 Mar 202120:15	–	cve
ALT Linux	Security fix for the ALT Linux 10 package glpi version 9.5.4-alt1	31 Mar 202100:00	–	altlinux
ALT Linux	Security fix for the ALT Linux 9 package glpi version 9.5.4-alt1	14 Apr 202100:00	–	altlinux

Source	Link
cve	www.cve.mitre.org/cgi-bin/cvename.cgi
github	www.github.com/glpi-project/glpi/security/advisories/GHSA-v3m5-r3mx-ff9j
github	www.github.com/glpi-project/glpi/commit/aade65b7f67d46f23d276a8acb0df70651c3b1dc

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

02 Mar 2021 00:00Current

4.5Medium risk

Vulners AI Score4.5

EPSS0.00063