4 matches found
Linux Distros Unpatched Vulnerability : CVE-2021-39211
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GLPI is a free Asset and IT management software package. Starting in version 9.2 and prior to version 9.5.6, the telemetry endpoint discloses GLPI and server...
Security fix for the ALT Linux 9 package glpi version 9.5.6-alt1
9.5.6-alt1 built Oct. 18, 2021 Pavel Zilke in task 287044 Oct. 12, 2021 Pavel Zilke - New version 9.5.6 - This is a security release, upgrading is recommended - Security fixes: + CVE-2021-39211 : Disclosure of GLPI and server informations in telemetry endpoint + CVE-2021-39210 : Autologin cookie...
Security fix for the ALT Linux 10 package glpi version 9.5.6-alt1
9.5.6-alt1 built Oct. 14, 2021 Pavel Zilke in task 287043 Oct. 12, 2021 Pavel Zilke - New version 9.5.6 - This is a security release, upgrading is recommended - Security fixes: + CVE-2021-39211 : Disclosure of GLPI and server informations in telemetry endpoint + CVE-2021-39210 : Autologin cookie...
CVE-2021-39211
CVE-2021-39211 (GLPI) affects GLPI 9.2–9.5.6 with information disclosure via the telemetry endpoint that reveals GLPI and server details. The issue is fixed in 9.5.6; a workaround is to remove ajax/telemetry.php. Related sources from connected documents describe additional issues across GLPI vers...