CVE-2024-37149 - Vulnerability Details - OpenCVE

GLPI is an open-source asset and IT management software package that provides ITIL Service Desk features, licenses tracking and software auditing. An authenticated technician user can upload a malicious PHP script and hijack the plugin loader to execute this malicious script. Upgrade to 10.0.16.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required High

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable no

Technical Impact total

Vendors	Products
Glpi-project	Glpi

Configuration 1 [-]

cpe:2.3:a:glpi-project:glpi:*:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://github.com/glpi-project/glpi/security/advisories/GHSA-cwvp-j887-m4xh

History

Tue, 07 Jan 2025 17:30:00 +0000

Type	Values Removed	Values Added
Weaknesses		CWE-94

Tue, 19 Nov 2024 15:15:00 +0000

Type	Values Removed	Values Added
First Time appeared		Glpi-project Glpi-project glpi
CPEs		cpe:2.3:a:glpi-project:glpi::::::::
Vendors & Products		Glpi-project Glpi-project glpi
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}`

MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published: 2024-07-10T19:20:36.161Z

Updated: 2024-11-19T14:15:12.413Z

Reserved: 2024-06-03T17:29:38.328Z

Link: CVE-2024-37149

Vulnrichment

Updated: 2024-08-02T03:50:54.839Z

NVD

Status : Analyzed

Published: 2024-07-10T20:15:03.543

Modified: 2025-01-07T17:03:06.697

Link: CVE-2024-37149

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-37149", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2024-06-03T17:29:38.328Z", "datePublished": "2024-07-10T19:20:36.161Z", "dateUpdated": "2024-11-19T14:15:12.413Z"}, "containers": {"cna": {"title": "GLPI allows remote code execution through the plugin loader", "problemTypes": [{"descriptions": [{"cweId": "CWE-73", "lang": "en", "description": "CWE-73: External Control of File Name or Path", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}}], "references": [{"name": "https://github.com/glpi-project/glpi/security/advisories/GHSA-cwvp-j887-m4xh", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/glpi-project/glpi/security/advisories/GHSA-cwvp-j887-m4xh"}], "affected": [{"vendor": "glpi-project", "product": "glpi", "versions": [{"version": ">= 0.85, < 10.0.16", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2024-07-10T19:20:36.161Z"}, "descriptions": [{"lang": "en", "value": "GLPI is an open-source asset and IT management software package that provides ITIL Service Desk features, licenses tracking and software auditing. An authenticated technician user can upload a malicious PHP script and hijack the plugin loader to execute this malicious script. Upgrade to 10.0.16."}], "source": {"advisory": "GHSA-cwvp-j887-m4xh", "discovery": "UNKNOWN"}}, "adp": [{"affected": [{"vendor": "glpi-project", "product": "glpi", "cpes": ["cpe:2.3:a:glpi-project:glpi:*:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0.85", "status": "affected", "lessThan": "10.0.16", "versionType": "custom"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-07-15T20:18:12.509282Z", "id": "CVE-2024-37149", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-11-19T14:15:12.413Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T03:50:54.839Z"}, "title": "CVE Program Container", "references": [{"name": "https://github.com/glpi-project/glpi/security/advisories/GHSA-cwvp-j887-m4xh", "tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://github.com/glpi-project/glpi/security/advisories/GHSA-cwvp-j887-m4xh"}]}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://github.com/glpi-project/glpi/security/advisories/GHSA-cwvp-j887-m4xh", "name": "https://github.com/glpi-project/glpi/security/advisories/GHSA-cwvp-j887-m4xh", "tags": ["x_refsource_CONFIRM", "x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T03:50:54.839Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-37149", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-07-15T20:18:12.509282Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:glpi-project:glpi:*:*:*:*:*:*:*:*"], "vendor": "glpi-project", "product": "glpi", "versions": [{"status": "affected", "version": "0.85", "lessThan": "10.0.16", "versionType": "custom"}], "defaultStatus": "unknown"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-07-15T20:18:47.043Z"}}], "cna": {"title": "GLPI allows remote code execution through the plugin loader", "source": {"advisory": "GHSA-cwvp-j887-m4xh", "discovery": "UNKNOWN"}, "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.2, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}}], "affected": [{"vendor": "glpi-project", "product": "glpi", "versions": [{"status": "affected", "version": ">= 0.85, < 10.0.16"}]}], "references": [{"url": "https://github.com/glpi-project/glpi/security/advisories/GHSA-cwvp-j887-m4xh", "name": "https://github.com/glpi-project/glpi/security/advisories/GHSA-cwvp-j887-m4xh", "tags": ["x_refsource_CONFIRM"]}], "descriptions": [{"lang": "en", "value": "GLPI is an open-source asset and IT management software package that provides ITIL Service Desk features, licenses tracking and software auditing. An authenticated technician user can upload a malicious PHP script and hijack the plugin loader to execute this malicious script. Upgrade to 10.0.16."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-73", "description": "CWE-73: External Control of File Name or Path"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2024-07-10T19:20:36.161Z"}}}, "cveMetadata": {"cveId": "CVE-2024-37149", "state": "PUBLISHED", "dateUpdated": "2024-11-19T14:15:12.413Z", "dateReserved": "2024-06-03T17:29:38.328Z", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "datePublished": "2024-07-10T19:20:36.161Z", "assignerShortName": "GitHub_M"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:glpi-project:glpi:*:*:*:*:*:*:*:*", "matchCriteriaId": "2910869A-4955-4EF7-9E9D-16E45682606A", "versionEndExcluding": "10.0.16", "versionStartIncluding": "0.85", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "GLPI is an open-source asset and IT management software package that provides ITIL Service Desk features, licenses tracking and software auditing. An authenticated technician user can upload a malicious PHP script and hijack the plugin loader to execute this malicious script. Upgrade to 10.0.16."}, {"lang": "es", "value": "GLPI es un paquete de software de gesti\u00f3n de TI y activos de c\u00f3digo abierto que proporciona funciones de ITIL Service Desk, seguimiento de licencias y auditor\u00eda de software. Un usuario t\u00e9cnico autenticado puede cargar un script PHP malicioso y secuestrar el cargador de complementos para ejecutar este script malicioso. Actualice a 10.0.16."}], "id": "CVE-2024-37149", "lastModified": "2025-01-07T17:03:06.697", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.2, "impactScore": 5.9, "source": "security-advisories@github.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2024-07-10T20:15:03.543", "references": [{"source": "security-advisories@github.com", "tags": ["Vendor Advisory"], "url": "https://github.com/glpi-project/glpi/security/advisories/GHSA-cwvp-j887-m4xh"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://github.com/glpi-project/glpi/security/advisories/GHSA-cwvp-j887-m4xh"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-73"}], "source": "security-advisories@github.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-94"}], "source": "nvd@nist.gov", "type": "Primary"}]}