CNNVD-202512-2770 Information
CNNVD ID
CNNVD-202512-2770
Related CVE
- CNNVD Published: 2025-12-16
Description (Chinese)
GLPI是GLPI开源的一款开源IT和资产管理软件。该软件提供功能全面的IT资源管理接口,你可以用它来建立数据库全面管理IT的电脑,显示器,服务器,打印机,网络设备,电话,甚至硒鼓和墨盒等。 GLPI 10.0.21之前版本存在安全漏洞,该漏洞源于授权缺失,可能导致未授权访问知识库条目。
Description (English)
GLPI is an open-source IT and asset management software for GLPI. The software provides a fully functional IT resource management interface, which you can use to create a database that fully manages IT computers, monitors, servers, printers, network equipment, telephones, even selenium drums and cartridges. There was a security gap in the previous version of the GLPI 10.2.21, which stemmed from the absence of a mandate and could lead to unauthorized access to the knowledge base entries.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
GLPI
Published
2025-12-16
Last Modified
2026-02-24
References
https://github.com/glpi-project/glpi/commit/a3d5cc4a63ae592c0b5592ebe6d562164904dab3 https://github.com/glpi-project/glpi/security/advisories/GHSA-62p9-prpq-j62q
Patch
https://www.glpi-project.org/en/
Share on: