CVE-2020-26212

🗓️ 25 Nov 2020 17:12:15Reported by GitHub_MType

GLPI before version 9.5.3 allows authenticated users to gain unauthorized read-only access to other users' planning

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 9
Tenable Nessus	FreeBSD : glpi -- Any CalDAV calendars is read-only for every authenticated user (6a467439-3b38-11eb-af2a-080027dbe4b7)	14 Dec 202000:00	–	nessus
UbuntuCve	CVE-2020-26212	25 Nov 202000:00	–	ubuntucve
NVD	CVE-2020-26212	25 Nov 202017:15	–	nvd
Prion	Design/Logic Flaw	25 Nov 202017:15	–	prion
OSV	CVE-2020-26212	25 Nov 202017:15	–	osv
Cvelist	CVE-2020-26212 Any GLPI CalDAV calendars is read-only for every authenticated user	25 Nov 202017:05	–	cvelist
FreeBSD	glpi -- Any CalDAV calendars is read-only for every authenticated user	1 Oct 202000:00	–	freebsd
ALT Linux	Security fix for the ALT Linux 9 package glpi version 9.5.3-alt1	26 Dec 202000:00	–	altlinux
ALT Linux	Security fix for the ALT Linux 10 package glpi version 9.5.3-alt1	5 Dec 202000:00	–	altlinux

Nvd

Vulners

Node

glpi-project glpiRange<9.5.3

[
  {
    "product": "glpi",
    "vendor": "glpi-project",
    "versions": [
      {
        "status": "affected",
        "version": "< 9.5.3"
      }
    ]
  }
]

Source	Link
github	www.github.com/glpi-project/glpi/commit/527280358ec78988ac57e9809d2eb21fcd74caf7
github	www.github.com/glpi-project/glpi/releases/tag/9.5.3
github	www.github.com/glpi-project/glpi/security/advisories/GHSA-qmw3-87hr-5wgx

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

25 Nov 2020 17:15Current

6.4Medium risk

Vulners AI Score6.4

CVSS24

CVSS36.5 - 7.7

EPSS0.00212

CWE-862