Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2022-34127
HistoryApr 16, 2023 - 3:15 a.m.

CVE-2022-34127

2023-04-1603:15:07
CWE-22
[email protected]
web.nvd.nist.gov
227
2
cve-2022-34127
managentities
glpi
file reading
directory traversal

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.021 Low

EPSS

Percentile

89.1%

JSON

The Managentities plugin before 4.0.2 for GLPI allows reading local files via directory traversal in the inc/cri.class.php file parameter.

Social References

More

Related

packetstorm 1
zdt 1
cvelist 1
osv 1
prion 1
exploitdb 1
packetstorm
packetstorm
GLPI Manageentities Local File Inclusion
2023-04-03 00:00:00
zdt
zdt
GLPI 4.0.2 - Unauthenticated Local File Inclusion on Manageentities plugin Vulnerability
2023-04-03 00:00:00
cvelist
cvelist
CVE-2022-34127
2023-04-16 00:00:00
osv
osv
CVE-2022-34127
2023-04-16 03:15:07
prion
prion
Directory traversal
2023-04-16 03:15:00
exploitdb
exploitdb
GLPI 4.0.2 - Unauthenticated Local File Inclusion on Manageentities plugin
2023-04-03 00:00:00

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.021 Low

EPSS

Percentile

89.1%

JSON
Related for CVE-2022-34127
packetstorm1zdt1cvelist1osv1prion1exploitdb1