Lucene search
K

6 matches found

Tenable Nessus
Tenable Nessus
added 2025/09/03 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2020-11035

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In GLPI after version 0.83.3 and before version 9.4.6, the CSRF tokens are generated using an insecure algorithm. The implementation uses rand and uniqid and MD...

9.3CVSS8.1AI score0.00782EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.22 views

Mageia: Security Advisory (MGASA-2020-0220)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.3CVSS6.6AI score0.07608EPSS
Exploits1References8
Tenable Nessus
Tenable Nessus
added 2020/12/14 12:0 a.m.24 views

FreeBSD : glpi -- weak csrf tokens (b64edef7-3b10-11eb-af2a-080027dbe4b7)

MITRE Corporation reports : In GLPI after version 0.83.3 and before version 9.4.6, the CSRF tokens are generated using an insecure algorithm. The implementation uses rand and uniqid and MD5 which does not provide secure values. This is fixed in version 9.4.6. C Tenable Network Security, Inc. The...

9.3CVSS8.2AI score0.00782EPSS
Exploits0References5
OpenVAS
OpenVAS
added 2020/05/15 12:0 a.m.24 views

Fedora: Security Advisory for glpi (FEDORA-2020-ee30e1109f)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.3CVSS6.4AI score0.07608EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2020/05/15 12:0 a.m.22 views

Fedora: Security Advisory for glpi (FEDORA-2020-885e2343ed)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.3CVSS6.4AI score0.07608EPSS
Exploits1References2
CVE
CVE
added 2020/05/05 9:30 p.m.105 views

CVE-2020-11035

In GLPI, CVE-2020-11035 affects versions after 0.83.3 and before 9.4.6, where CSRF tokens are generated using an insecure algorithm (rand, uniqid, MD5). The issue is addressed in version 9.4.6. This vulnerability arises from the token generation mechanism, not from network access details in the p...

9.3CVSS8.2AI score0.00782EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder