CVE-2023-41323

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2023-41323

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-41323.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2023-41323

Downstream

UBUNTU-CVE-2023-41323

Related

GHSA-5cf4-6q6r-49x9

Published

2023-09-27T15:19:29Z

Modified

2024-11-21T08:21:04Z

Severity

5.3 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N CVSS Calculator

Summary

[none]

Details

GLPI stands for Gestionnaire Libre de Parc Informatique is a Free Asset and IT Management Software package, that provides ITIL Service Desk features, licenses tracking and software auditing. An unauthenticated user can enumerate users logins. Users are advised to upgrade to version 10.0.10. There are no known workarounds for this vulnerability.

References

https://github.com/glpi-project/glpi/security/advisories/GHSA-5cf4-6q6r-49x9

Affected packages

Git / github.com/glpi-project/glpi

Affected ranges

Type: GIT
Repo: https://github.com/glpi-project/glpi
Events: Introduced

0a2c83a2e4f03bb3e814bdbeb9b29473565c519d

Fixed

0c860f018f5bd0f08b87d217a376304e62a5ba58