CVE-2021-21327 – GLPI is an open-source asset and IT management software package that provides ITIL Service …

8 March 2021

Vuln ID: CVE-2021-21327

Published: 2021-03-08 17:15:13Z

Description: GLPI is an open-source asset and IT management software package that provides ITIL Service Desk features, licenses tracking and software auditing. In GLPI before version 9.5.4 non-authenticated user can remotely instantiate object of any class existing in the GLPI environment that can be used to carry out malicious attacks, or to start a Ã¢â‚¬Å“POP chainÃ¢â‚¬?. As an example of direct impact, this vulnerability affects integrity of the GLPI core platform and third-party plugins runtime misusing classes which implement some sensitive operations in their constructors or destructors. This is fixed in version 9.5.4.

Source: NVD.NIST.GOV

Date:

8 March 2021

Categorie(s):

NVD

Tag(s):

NVD

Flaws in Chinese keyboard apps leave 750 million users open to snooping, researchers claim26 April 2024
Most people still rely on memory or pen and paper for password management26 April 2024
LSA Whisperer: Open-source tools for interacting with authentication packages26 April 2024
What AI can tell organizations about their M&A risk26 April 2024
Breaking down the numbers: Cybersecurity funding activity recap26 April 2024