CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-39323

GLPI stands for Gestionnaire Libre de Parc Informatique. GLPI is a Free Asset and IT Management Software package that provides ITIL Service Desk features, licenses tracking and software auditing. Time based attack using a SQL injection in api REST user_token. This issue has been patched, please upgrade to version 10.0.4. As a workaround, disable login with user_token on API Rest.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.014

EPSS Ranking 79.4%

CVSS Severity

CVSS v3 Score 7.4

References

Products affected by CVE-2022-39323

Glpi-Project » Glpi » Version: 10.0.0

cpe:2.3:a:glpi-project:glpi:10.0.0
Glpi-Project » Glpi » Version: 10.0.1

cpe:2.3:a:glpi-project:glpi:10.0.1
Glpi-Project » Glpi » Version: 10.0.2

cpe:2.3:a:glpi-project:glpi:10.0.2
Glpi-Project » Glpi » Version: 10.0.3

cpe:2.3:a:glpi-project:glpi:10.0.3
Glpi-Project » Glpi » Version: 9.1

cpe:2.3:a:glpi-project:glpi:9.1
Glpi-Project » Glpi » Version: 9.1.0

cpe:2.3:a:glpi-project:glpi:9.1.0
Glpi-Project » Glpi » Version: 9.1.1

cpe:2.3:a:glpi-project:glpi:9.1.1
Glpi-Project » Glpi » Version: 9.1.2

cpe:2.3:a:glpi-project:glpi:9.1.2
Glpi-Project » Glpi » Version: 9.1.3

cpe:2.3:a:glpi-project:glpi:9.1.3
Glpi-Project » Glpi » Version: 9.1.4

cpe:2.3:a:glpi-project:glpi:9.1.4
Glpi-Project » Glpi » Version: 9.1.5

cpe:2.3:a:glpi-project:glpi:9.1.5
Glpi-Project » Glpi » Version: 9.1.6

cpe:2.3:a:glpi-project:glpi:9.1.6
Glpi-Project » Glpi » Version: 9.1.7

cpe:2.3:a:glpi-project:glpi:9.1.7
Glpi-Project » Glpi » Version: 9.1.7.1

cpe:2.3:a:glpi-project:glpi:9.1.7.1
Glpi-Project » Glpi » Version: 9.2

cpe:2.3:a:glpi-project:glpi:9.2
Glpi-Project » Glpi » Version: 9.2.0

cpe:2.3:a:glpi-project:glpi:9.2.0
Glpi-Project » Glpi » Version: 9.2.1

cpe:2.3:a:glpi-project:glpi:9.2.1
Glpi-Project » Glpi » Version: 9.2.2

cpe:2.3:a:glpi-project:glpi:9.2.2
Glpi-Project » Glpi » Version: 9.2.3

cpe:2.3:a:glpi-project:glpi:9.2.3
Glpi-Project » Glpi » Version: 9.2.4

cpe:2.3:a:glpi-project:glpi:9.2.4
Glpi-Project » Glpi » Version: 9.3.0

cpe:2.3:a:glpi-project:glpi:9.3.0
Glpi-Project » Glpi » Version: 9.3.1

cpe:2.3:a:glpi-project:glpi:9.3.1
Glpi-Project » Glpi » Version: 9.3.2

cpe:2.3:a:glpi-project:glpi:9.3.2
Glpi-Project » Glpi » Version: 9.3.3

cpe:2.3:a:glpi-project:glpi:9.3.3
Glpi-Project » Glpi » Version: 9.3.4

cpe:2.3:a:glpi-project:glpi:9.3.4
Glpi-Project » Glpi » Version: 9.4.0

cpe:2.3:a:glpi-project:glpi:9.4.0
Glpi-Project » Glpi » Version: 9.4.1

cpe:2.3:a:glpi-project:glpi:9.4.1
Glpi-Project » Glpi » Version: 9.4.1.1

cpe:2.3:a:glpi-project:glpi:9.4.1.1
Glpi-Project » Glpi » Version: 9.4.2

cpe:2.3:a:glpi-project:glpi:9.4.2
Glpi-Project » Glpi » Version: 9.4.3

cpe:2.3:a:glpi-project:glpi:9.4.3
Glpi-Project » Glpi » Version: 9.4.5

cpe:2.3:a:glpi-project:glpi:9.4.5
Glpi-Project » Glpi » Version: 9.4.6

cpe:2.3:a:glpi-project:glpi:9.4.6
Glpi-Project » Glpi » Version: 9.5.0

cpe:2.3:a:glpi-project:glpi:9.5.0
Glpi-Project » Glpi » Version: 9.5.1

cpe:2.3:a:glpi-project:glpi:9.5.1
Glpi-Project » Glpi » Version: 9.5.10

cpe:2.3:a:glpi-project:glpi:9.5.10
Glpi-Project » Glpi » Version: 9.5.11

cpe:2.3:a:glpi-project:glpi:9.5.11
Glpi-Project » Glpi » Version: 9.5.12

cpe:2.3:a:glpi-project:glpi:9.5.12
Glpi-Project » Glpi » Version: 9.5.13

cpe:2.3:a:glpi-project:glpi:9.5.13
Glpi-Project » Glpi » Version: 9.5.2

cpe:2.3:a:glpi-project:glpi:9.5.2
Glpi-Project » Glpi » Version: 9.5.3

cpe:2.3:a:glpi-project:glpi:9.5.3
Glpi-Project » Glpi » Version: 9.5.4

cpe:2.3:a:glpi-project:glpi:9.5.4
Glpi-Project » Glpi » Version: 9.5.5

cpe:2.3:a:glpi-project:glpi:9.5.5
Glpi-Project » Glpi » Version: 9.5.6

cpe:2.3:a:glpi-project:glpi:9.5.6
Glpi-Project » Glpi » Version: 9.5.7

cpe:2.3:a:glpi-project:glpi:9.5.7
Glpi-Project » Glpi » Version: 9.5.8

cpe:2.3:a:glpi-project:glpi:9.5.8
Glpi-Project » Glpi » Version: 9.5.9

cpe:2.3:a:glpi-project:glpi:9.5.9

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-39323

Products

Pricing

Contact Us