Lucene search
RedosROS-20240828-02HistoryAug 28, 2024 - 12:00 a.m.
ROS-20240828-02
2024-08-2800:00:00
redos.red-soft.ru
3
glpi
vulnerability
remote access
sensitive data
csv file
spoofed header
CVSS3
8.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
AI Score
7.6
Confidence
Low
A vulnerability in GLPI’s asset and data center management software is related to the
CSV file injection by creating a file with a spoofed header. Exploitation of the vulnerability could allow
an attacker acting remotely to gain access to sensitive data
Related
ubuntucve
ubuntucve
CVE-2024-27756
2024-03-15 00:00:00
cvelist
cvelist
CVE-2024-27756
2024-03-15 00:00:00
nvd
nvd
CVE-2024-27756
2024-03-15 07:15:09
vulnrichment
vulnrichment
CVE-2024-27756
2024-03-15 00:00:00
cve
cve
CVE-2024-27756
2024-03-15 07:15:09
CVSS3
8.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
AI Score
7.6
Confidence
Low
Related for ROS-20240828-02