Lucene search

[email protected]NVD:CVE-2023-29006

HistoryApr 05, 2023 - 6:15 p.m.

CVE-2023-29006

2023-04-0518:15:08

CWE-502

[email protected]

web.nvd.nist.gov

order glpi plugin

unauthorized access

system command execution

crafted url

security patch

workaround

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

8.7

Confidence

High

EPSS

0.001

Percentile

37.6%

JSON

The Order GLPI plugin allows users to manage order management within GLPI. Starting with version 1.8.0 and prior to versions 2.7.7 and 2.10.1, an authenticated user that has access to standard interface can craft an URL that can be used to execute a system command. Versions 2.7.7 and 2.10.1 contain a patch for this issue. As a workaround, delete the ajax/dropdownContact.php file from the plugin.

Affected configurations

Nvd

Node

glpi-projectorderRange1.8.0–2.7.7glpi

glpi-projectorderMatch2.10.0glpi

VendorProductVersionCPE
glpi-projectorder*cpe:2.3:a:glpi-project:order:*:*:*:*:*:glpi:*:*
glpi-projectorder2.10.0cpe:2.3:a:glpi-project:order:2.10.0:*:*:*:*:glpi:*:*

Vendor	Product	Version	CPE
glpi-project	order	*	cpe:2.3:a:glpi-project:order::::::glpi::*
glpi-project	order	2.10.0	cpe:2.3:a:glpi-project:order:2.10.0:::::glpi::

References

github.com/pluginsGLPI/order/commit/c78e64b95e54d5e47d9835984c93049f245b579e

github.com/pluginsGLPI/order/security/advisories/GHSA-xfx2-qx2r-3wwm

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

8.7

Confidence

High

EPSS

0.001

Percentile

37.6%

JSON

Related for NVD:CVE-2023-29006

cve1 osv1 prion1 cvelist1