CVE-2024-50339

GLPI is a free asset and IT management software package. Starting in version 9.5.0 and prior to version 10.0.17, an unauthenticated user can retrieve all the sessions IDs and use them to steal any valid session. Version 10.0.17 contains a patch for this issue.

CVSS v3 5.3 MEDIUM

5.3^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 3.9 / Impact : 1.4

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact LOW

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://github.com/glpi-project/glpi/releases/tag/10.0.17	Release Notes
https://github.com/glpi-project/glpi/security/advisories/GHSA-v977-g4r9-6r72	Vendor Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:glpi-project:glpi:*:*:*:*:*:*:*:*

History

10 Jan 2025, 18:48

Type	Values Removed	Values Added
CWE		CWE-384
First Time		Glpi-project Glpi-project glpi
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 5.3
CPE		cpe:2.3:a:glpi-project:glpi::::::::
References	~~() https://github.com/glpi-project/glpi/releases/tag/10.0.17 -~~	() https://github.com/glpi-project/glpi/releases/tag/10.0.17 - Release Notes
References	~~() https://github.com/glpi-project/glpi/security/advisories/GHSA-v977-g4r9-6r72 -~~	() https://github.com/glpi-project/glpi/security/advisories/GHSA-v977-g4r9-6r72 - Vendor Advisory

12 Dec 2024, 02:06

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-12-12 02:06

Updated : 2025-01-10 18:48

NVD link : CVE-2024-50339

Mitre link : CVE-2024-50339

CVE.ORG link : CVE-2024-50339

JSON object : View

Products Affected

glpi-project

glpi

CWE

CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CWE-287

Improper Authentication

CWE-384

Session Fixation

{"id": "CVE-2024-50339", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "impactScore": 1.4, "exploitabilityScore": 3.9}], "cvssMetricV40": [{"type": "Secondary", "source": "security-advisories@github.com", "cvssData": {"safety": "NOT_DEFINED", "version": "4.0", "recovery": "NOT_DEFINED", "baseScore": 9.3, "automatable": "NOT_DEFINED", "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "modifiedAttackVector": "NOT_DEFINED", "integrityRequirements": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "availabilityRequirements": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "subsequentSystemIntegrity": "NONE", "vulnerableSystemIntegrity": "HIGH", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "confidentialityRequirements": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "subsequentSystemAvailability": "NONE", "vulnerableSystemAvailability": "LOW", "subsequentSystemConfidentiality": "NONE", "vulnerableSystemConfidentiality": "HIGH", "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", "modifiedSubsequentSystemAvailability": "NOT_DEFINED", "modifiedVulnerableSystemAvailability": "NOT_DEFINED", "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED"}}]}, "published": "2024-12-12T02:06:19.147", "references": [{"url": "https://github.com/glpi-project/glpi/releases/tag/10.0.17", "tags": ["Release Notes"], "source": "security-advisories@github.com"}, {"url": "https://github.com/glpi-project/glpi/security/advisories/GHSA-v977-g4r9-6r72", "tags": ["Vendor Advisory"], "source": "security-advisories@github.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "security-advisories@github.com", "description": [{"lang": "en", "value": "CWE-79"}, {"lang": "en", "value": "CWE-287"}]}, {"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-384"}]}], "descriptions": [{"lang": "en", "value": "GLPI is a free asset and IT management software package. Starting in version 9.5.0 and prior to version 10.0.17, an unauthenticated user can retrieve all the sessions IDs and use them to steal any valid session. Version 10.0.17 contains a patch for this issue."}, {"lang": "es", "value": " GLPI es un paquete de software gratuito de gesti\u00f3n de activos y TI. A partir de la versi\u00f3n 9.5.0 y antes de la versi\u00f3n 10.0.17, un usuario no autenticado puede recuperar todos los identificadores de sesi\u00f3n y utilizarlos para robar cualquier sesi\u00f3n v\u00e1lida. La versi\u00f3n 10.0.17 contiene un parche para este problema."}], "lastModified": "2025-01-10T18:48:11.093", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:glpi-project:glpi:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4867EE17-6D06-4DDE-B6A1-BF9B49191D3B", "versionEndExcluding": "10.0.17", "versionStartIncluding": "9.5.0"}], "operator": "OR"}]}], "sourceIdentifier": "security-advisories@github.com"}