GLPI is an open source IT Asset Management, issue tracking system and service desk system. The GLPI addressing plugin in versions < 2.9.1 suffers from authenticated Remote Code Execution vulnerability, allowing access to the server's underlying operating system using command injection abuse of functionality. There is no workaround for this issue and users are advised to upgrade or to disable the addressing plugin.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: GitHub_M
Published: 2022-01-05T18:45:11
Updated: 2024-08-04T04:03:08.615Z
Reserved: 2021-11-16T00:00:00
Link: CVE-2021-43779
Vulnrichment
No data.
NVD
Status : Modified
Published: 2022-01-05T19:15:08.627
Modified: 2024-11-21T06:29:46.210
Link: CVE-2021-43779
Redhat
No data.