CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
AI Score
Confidence
Low
EPSS
Percentile
32.5%
GLPI’s asset management and data center management software vulnerability is related to the
SQL code injection through administration of dashboards. Exploitation of the vulnerability could
allow an attacker acting remotely to execute arbitrary SQL queries