GitHub_MCVELIST:CVE-2020-15226CVE-2020-15226 SQL Injection in GLPI Search API
5 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N
5.2 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
24.8%
In GLPI before version 9.5.2, there is a SQL Injection in the API’s search function. Not only is it possible to break the SQL syntax, but it is also possible to utilise a UNION SELECT query to reflect sensitive information such as the current database version, or database user. The most likely scenario for this vulnerability is with someone who has an API account to the system. The issue is patched in version 9.5.2. A proof-of-concept with technical details is available in the linked advisory.
CNA Affected
[
{
"product": "glpi",
"vendor": "glpi-project",
"versions": [
{
"status": "affected",
"version": ">= 9.1, < 9.5.2"
}
]
}
]Related
5 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N
5.2 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
24.8%