======================================================================

                               CERT-Renater

                     Note d'Information No. 2024/VULN225
_____________________________________________________________________

DATE                : 07/05/2024

HARDWARE PLATFORM(S): /

OPERATING SYSTEM(S): Systems running GLPI versions prior to 10.0.15.

=====================================================================
https://github.com/glpi-project/glpi/security/advisories/GHSA-gcj4-2cp3-6h5j
https://github.com/glpi-project/glpi/security/advisories/GHSA-8xvf-v6vv-r75g
_____________________________________________________________________


Authenticated SQL injection
High
cedric-anne published GHSA-gcj4-2cp3-6h5j May 7, 2024

Package
glpi (glpi)

Affected versions
>= 9.3.0

Patched versions
10.0.15


Description

Impact

An authenticated user can exploit a SQL injection vulnerability from
map search. This security issue can be exploited only if GLPI server
is using PHP 7.4.


Patches

Upgrade to 10.0.15.


Workarounds

Upgrade to PHP >= 8.0.


For more information

If you have any questions or comments about this advisory, mail us
at glpi-security@ow2.org.

Severity
High

7.7/ 10

CVSS base metrics

Attack vector
Network

Attack complexity
Low

Privileges required
Low

User interaction
None

Scope
Changed

Confidentiality
High

Integrity
None

Availability
None

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N

CVE ID
CVE-2024-31456

Weaknesses
CWE-89


Credits

     @BorelEnzo BorelEnzo Reporter

_____________________________________________________________________

Account takeover via SQL Injection in saved searches feature
High
cedric-anne published GHSA-8xvf-v6vv-r75g May 7, 2024

Package
glpi (glpi)

Affected versions
10.0.10

Patched versions
10.0.15


Description

Impact

An authenticated user can exploit a SQL injection vulnerability in
the saved searches feature to alter another user account data and
take control of it.


Patches

Upgrade to 10.0.15.


For more information

If you have any questions or comments about this advisory, mail
us at glpi-security@ow2.org.


Severity
High

8.1/ 10

CVSS base metrics

Attack vector
Network

Attack complexity
Low

Privileges required
Low

User interaction
None

Scope
Unchanged

Confidentiality
High

Integrity
High

Availability
None

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

CVE ID
CVE-2024-29889

Weaknesses
CWE-89


Credits

     @Guilhem7 Guilhem7 Reporter



=========================================================
+ CERT-RENATER        |    tel : 01-53-94-20-44         +
+ 23/25 Rue Daviel    |    fax : 01-53-94-20-41         +
+ 75013 Paris         |   email:cert@support.renater.fr +
=========================================================