5 matches found
Linux Distros Unpatched Vulnerability : CVE-2023-34254
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The GLPI Agent is a generic management agent. Prior to version 1.5, if glpi-agent is running remoteinventory task against an Unix platform with ssh command, an...
CVE-2023-34254
The GLPI Agent is a generic management agent. Prior to version 1.5, if glpi-agent is running remoteinventory task against an Unix platform with ssh command, an administrator user on the remote can manage to inject a command in a specific workflow the agent would run with the privileges it uses. I...
CVE-2023-34254 Remote inventory task command injection when using ssh command mode
The GLPI Agent is a generic management agent. Prior to version 1.5, if glpi-agent is running remoteinventory task against an Unix platform with ssh command, an administrator user on the remote can manage to inject a command in a specific workflow the agent would run with the privileges it uses. I...
CVE-2023-34254
The CVE-2023-34254 issue affects GLPI Agent (pre-1.5) where, during a remoteinventory task over SSH on Unix, an remote administrator could inject commands into the agent’s workflow, potentially gaining high privileges on the host and exposing configured remote access. Root cause is input/command ...
CVE-2023-34254 Remote inventory task command injection when using ssh command mode
The GLPI Agent is a generic management agent. Prior to version 1.5, if glpi-agent is running remoteinventory task against an Unix platform with ssh command, an administrator user on the remote can manage to inject a command in a specific workflow the agent would run with the privileges it uses. I...