Lucene search

Ubuntu.comUB:CVE-2020-15226

HistoryOct 07, 2020 - 12:00 a.m.

CVE-2020-15226

2020-10-0700:00:00

ubuntu.com

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N

0.001 Low

EPSS

Percentile

24.8%

JSON

In GLPI before version 9.5.2, there is a SQL Injection in the API’s search
function. Not only is it possible to break the SQL syntax, but it is also
possible to utilise a UNION SELECT query to reflect sensitive information
such as the current database version, or database user. The most likely
scenario for this vulnerability is with someone who has an API account to
the system. The issue is patched in version 9.5.2. A proof-of-concept with
technical details is available in the linked advisory.

References

github.com/glpi-project/glpi/commit/3dc4475c56b241ad659cc5c7cb5fb65727409cf0

launchpad.net/bugs/cve/CVE-2020-15226

nvd.nist.gov/vuln/detail/CVE-2020-15226

security-tracker.debian.org/tracker/CVE-2020-15226

www.cve.org/CVERecord?id=CVE-2020-15226

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N

0.001 Low

EPSS

Percentile

24.8%

JSON

Related for UB:CVE-2020-15226