Lucene search

K
cve[email protected]CVE-2013-2225
HistoryMay 27, 2014 - 3:00 p.m.

CVE-2013-2225

2014-05-2715:00:00
web.nvd.nist.gov
24
cve-2013-2225
glpi
remote code execution
unserialize
php
nvd

6.4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:P/A:P

7.4 High

AI Score

Confidence

High

0.174 Low

EPSS

Percentile

96.1%

inc/ticket.class.php in GLPI 0.83.9 and earlier allows remote attackers to unserialize arbitrary PHP objects via the _predefined_fields parameter to front/ticket.form.php.

Affected configurations

NVD
Node
glpi-projectglpiRange0.83.9
OR
glpi-projectglpiMatch0.5
OR
glpi-projectglpiMatch0.5rc1
OR
glpi-projectglpiMatch0.5rc2
OR
glpi-projectglpiMatch0.6
OR
glpi-projectglpiMatch0.6rc1
OR
glpi-projectglpiMatch0.6rc2
OR
glpi-projectglpiMatch0.6rc3
OR
glpi-projectglpiMatch0.20
OR
glpi-projectglpiMatch0.21
OR
glpi-projectglpiMatch0.30
OR
glpi-projectglpiMatch0.31
OR
glpi-projectglpiMatch0.40
OR
glpi-projectglpiMatch0.41
OR
glpi-projectglpiMatch0.42
OR
glpi-projectglpiMatch0.51
OR
glpi-projectglpiMatch0.51a
OR
glpi-projectglpiMatch0.65
OR
glpi-projectglpiMatch0.65rc1
OR
glpi-projectglpiMatch0.65rc2
OR
glpi-projectglpiMatch0.68
OR
glpi-projectglpiMatch0.68rc1
OR
glpi-projectglpiMatch0.68rc2
OR
glpi-projectglpiMatch0.68rc3
OR
glpi-projectglpiMatch0.68.1
OR
glpi-projectglpiMatch0.68.2
OR
glpi-projectglpiMatch0.68.3
OR
glpi-projectglpiMatch0.70
OR
glpi-projectglpiMatch0.70rc1
OR
glpi-projectglpiMatch0.70rc2
OR
glpi-projectglpiMatch0.70rc3
OR
glpi-projectglpiMatch0.70.1
OR
glpi-projectglpiMatch0.70.2
OR
glpi-projectglpiMatch0.71
OR
glpi-projectglpiMatch0.71.1
OR
glpi-projectglpiMatch0.71.1rc1
OR
glpi-projectglpiMatch0.71.1rc2
OR
glpi-projectglpiMatch0.71.1rc3
OR
glpi-projectglpiMatch0.71.2
OR
glpi-projectglpiMatch0.71.3
OR
glpi-projectglpiMatch0.71.4
OR
glpi-projectglpiMatch0.71.5
OR
glpi-projectglpiMatch0.71.6
OR
glpi-projectglpiMatch0.72
OR
glpi-projectglpiMatch0.72rc1
OR
glpi-projectglpiMatch0.72rc2
OR
glpi-projectglpiMatch0.72rc3
OR
glpi-projectglpiMatch0.72.1
OR
glpi-projectglpiMatch0.72.2
OR
glpi-projectglpiMatch0.72.3
OR
glpi-projectglpiMatch0.72.4
OR
glpi-projectglpiMatch0.78
OR
glpi-projectglpiMatch0.78.1
OR
glpi-projectglpiMatch0.78.2
OR
glpi-projectglpiMatch0.78.3
OR
glpi-projectglpiMatch0.78.4
OR
glpi-projectglpiMatch0.78.5
OR
glpi-projectglpiMatch0.80
OR
glpi-projectglpiMatch0.80.1
OR
glpi-projectglpiMatch0.80.2
OR
glpi-projectglpiMatch0.80.3
OR
glpi-projectglpiMatch0.80.4
OR
glpi-projectglpiMatch0.80.5
OR
glpi-projectglpiMatch0.80.6
OR
glpi-projectglpiMatch0.80.7
OR
glpi-projectglpiMatch0.80.61
OR
glpi-projectglpiMatch0.83
OR
glpi-projectglpiMatch0.83.1
OR
glpi-projectglpiMatch0.83.2
OR
glpi-projectglpiMatch0.83.3
OR
glpi-projectglpiMatch0.83.4
OR
glpi-projectglpiMatch0.83.5
OR
glpi-projectglpiMatch0.83.6
OR
glpi-projectglpiMatch0.83.7
OR
glpi-projectglpiMatch0.83.8
OR
glpi-projectglpiMatch0.83.31

6.4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:P/A:P

7.4 High

AI Score

Confidence

High

0.174 Low

EPSS

Percentile

96.1%