CNNVD-202507-081 Information

CNNVD ID

CNNVD-202507-081

Related CVE

CVE-2025-27153

• CNNVD Published: 2025-07-01

Description (Chinese)

Escalade GLPI plugin是GLPI Project Plugins开源的一个GLPI 扩展插件。 Escalade GLPI plugin 2.9.11之前版本存在访问控制错误漏洞，该漏洞源于访问控制不当，可能导致数据泄露和工作流中断。

Description (English)

Escalade GLPI plugin is a GLPI extension open-source GLPI Project Plugins. Before Escalade GLPI plugin 2.9.11, there was a bug in access control, which stemmed from inappropriate access controls, which could lead to data leakage and disruption of work flow.

Hazard Level

High

Vulnerability Type

访问控制错误

Affected Vendor

GLPI Project Plugins

Published

2025-07-01

Last Modified

2026-02-24

References

https://github.com/pluginsGLPI/escalade/releases/tag/2.9.11 https://github.com/pluginsGLPI/escalade/security/advisories/GHSA-pvqv-8r3r-47m9 https://access.redhat.com/security/cve/cve-2025-27153

Patch

https://github.com/pluginsGLPI/escalade/releases