5 matches found
CVE-2023-34254
The GLPI Agent is a generic management agent. Prior to version 1.5, if glpi-agent is running remoteinventory task against an Unix platform with ssh command, an administrator user on the remote can manage to inject a command in a specific workflow the agent would run with the privileges it uses. I...
CVE-2023-34254 Remote inventory task command injection when using ssh command mode
The GLPI Agent is a generic management agent. Prior to version 1.5, if glpi-agent is running remoteinventory task against an Unix platform with ssh command, an administrator user on the remote can manage to inject a command in a specific workflow the agent would run with the privileges it uses. I...
CVE-2023-34254 Remote inventory task command injection when using ssh command mode
The GLPI Agent is a generic management agent. Prior to version 1.5, if glpi-agent is running remoteinventory task against an Unix platform with ssh command, an administrator user on the remote can manage to inject a command in a specific workflow the agent would run with the privileges it uses. I...
PT-2023-24778 · Unknown +1 · Glpi Agent +1
Name of the Vulnerable Software and Affected Versions: GLPI Agent versions prior to 1.5 Description: The issue affects the GLPI Agent, a generic management agent, when running the remoteinventory task against a Unix platform using the ssh command. An administrator user on the remote system can...
GLPI 操作系统命令注入漏洞
GLPI is an open source IT and asset management software for individual developers. The software provides a full-featured IT resource management interface that you can use to build databases to fully manage IT computers, monitors, servers, printers, network devices, phones, and even toner and ink...