CVE-2014-5032

N/A

Description

GLPI before 0.84.7 does not properly restrict access to cost information, which allows remote attackers to obtain sensitive information via the cost criteria in the search bar.

Details CVE

Score CVSS v3.1N/A

Publie4/14/2015

Derniere modification4/12/2025

Sourcenvd

Observations honeypot0

Produits affectes

glpi-project:glpi

Faiblesses (CWE)

CWE-264

References

http://advisories.mageia.org/MGASA-2015-0017.html(cve@mitre.org)

http://www.glpi-project.org/spip.php?page=annonce&id_breve=325(cve@mitre.org)

http://www.mandriva.com/security/advisories?name=MDVSA-2015:167(cve@mitre.org)

https://forge.indepnet.net/issues/4984(cve@mitre.org)

http://advisories.mageia.org/MGASA-2015-0017.html(af854a3a-2127-422b-91ae-364da2661108)

http://www.glpi-project.org/spip.php?page=annonce&id_breve=325(af854a3a-2127-422b-91ae-364da2661108)

http://www.mandriva.com/security/advisories?name=MDVSA-2015:167(af854a3a-2127-422b-91ae-364da2661108)

https://forge.indepnet.net/issues/4984(af854a3a-2127-422b-91ae-364da2661108)

Correlations IOC

Aucune correlation enregistree

This product uses data from the NVD API but is not endorsed or certified by the NVD.