Lucene search
+L

4 matches found

Tenable Nessus
Tenable Nessus
added 2025/09/03 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2021-21255

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GLPI is an open-source asset and IT management software package that provides ITIL Service Desk features, licenses tracking and software auditing. In GLPI versi...

5.8CVSS6.5AI score0.00854EPSS
Exploits0References2
ALT Linux
ALT Linux
added 2021/03/31 12:0 a.m.115 views

Security fix for the ALT Linux 10 package glpi version 9.5.4-alt1

March 31, 2021 Pavel Zilke 9.5.4-alt1 - New version 9.5.4 - This is a security release, upgrading is recommended - Security fixes: + CVE-2021-21326 : Horizontal Privilege Escalation + CVE-2021-21255 : entities switch IDOR + CVE-2021-21258 : XSS injection in ajax/kanban + CVE-2021-21314 : XSS...

5CVSS5.7AI score0.02252EPSS
Exploits5
NVD
NVD
added 2021/03/02 8:15 p.m.23 views

CVE-2021-21255

GLPI is an open-source asset and IT management software package that provides ITIL Service Desk features, licenses tracking and software auditing. In GLPI version 9.5.3, it was possible to switch entities with IDOR from a logged in user. This is fixed in version 9.5.4...

5.8CVSS0.00854EPSS
Exploits0References2
CVE
CVE
added 2021/03/02 7:40 p.m.57 views

CVE-2021-21255

CVE-2021-21255 relates to GLPI 9.5.3 where an authenticated user could perform an Insecure Direct Object Reference (IDOR) to switch entities. The issue is resolved in GLPI 9.5.4. The vulnerability affects the web application’s entity switching logic; no exploitation details are provided beyond th...

5.8CVSS5.7AI score0.00854EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder