Lucene search
+L

8 matches found

nessus
nessus
added 2025/09/10 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2024-47758

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GLPI is a free asset and IT management software package. Starting in version 9.3.0 and prior to version 10.0.17, an authenticated user can use the API to take...

8.8CVSS5AI score0.00443EPSS
Exploits0References2
redhatcve
redhatcve
added 2025/05/23 6:52 a.m.8 views

CVE-2024-47758

GLPI is a free asset and IT management software package. Starting in version 9.3.0 and prior to version 10.0.17, an authenticated user can use the API to take control of any user that have the same or a lower level of privileges. Version 10.0.17 contains a patch for this issue...

8.8CVSS6.9AI score0.00443EPSS
Exploits0References1
nvd
nvd
added 2024/12/11 4:15 p.m.30 views

CVE-2024-47758

GLPI is a free asset and IT management software package. Starting in version 9.3.0 and prior to version 10.0.17, an authenticated user can use the API to take control of any user that have the same or a lower level of privileges. Version 10.0.17 contains a patch for this issue...

8.8CVSS0.00443EPSS
Exploits0References2
ubuntucve
ubuntucve
added 2024/12/11 4:15 p.m.10 views

CVE-2024-47758

GLPI is a free asset and IT management software package. Starting in version 9.3.0 and prior to version 10.0.17, an authenticated user can use the API to take control of any user that have the same or a lower level of privileges. Version 10.0.17 contains a patch for this issue...

8.8CVSS5.9AI score0.00443EPSS
Exploits0References3
circl
circl
added 2024/12/11 3:55 p.m.10 views

CVE-2024-47758

creationtimestamp| type| source ---|---|--- 2024-12-11 15:55:15+00:00| seen| https://infosec.exchange/users/cve/statuses/113635001277155546 2024-12-11 17:44:48+00:00| seen| https://t.me/cvedetector/12637...

8.8CVSS4.4AI score0.00443EPSS
Exploits0References2
cve
cve
added 2024/12/11 3:50 p.m.98 views

CVE-2024-47758

CVE-2024-47758 affects GLPI: authenticated users can via the API take control of another user with equal or lower privileges in versions 9.3.0 up to, but not including, 10.0.17. A patch is available in 10.0.17. Connected documents corroborate GLPI context and indicate multiple vendor advisories f...

8.8CVSS6.6AI score0.00443EPSS
Exploits0References2Affected Software1
vulnrichment
vulnrichment
added 2024/12/11 3:50 p.m.22 views

CVE-2024-47758 GLPI vulnerable to account takeover without privilege escalation through the API

GLPI is a free asset and IT management software package. Starting in version 9.3.0 and prior to version 10.0.17, an authenticated user can use the API to take control of any user that have the same or a lower level of privileges. Version 10.0.17 contains a patch for this issue...

7.6CVSS6.6AI score0.00443EPSS
Exploits0References2
cvelist
cvelist
added 2024/12/11 3:50 p.m.31 views

CVE-2024-47758 GLPI vulnerable to account takeover without privilege escalation through the API

GLPI is a free asset and IT management software package. Starting in version 9.3.0 and prior to version 10.0.17, an authenticated user can use the API to take control of any user that have the same or a lower level of privileges. Version 10.0.17 contains a patch for this issue...

7.6CVSS0.00443EPSS
Exploits0References2
Rows per page
Query Builder