CVE-2022-35945

GLPI stands for Gestionnaire Libre de Parc Informatique and is a Free Asset and IT Management Software package, that provides ITIL Service Desk features, licenses tracking and software auditing. Information associated to registration key are not properly escaped in registration key configuration page. They can be used to steal a GLPI administrator cookie. Users are advised to upgrade to 10.0.3. There are no known workarounds for this issue. ### Workarounds Do not use a registration key created by an untrusted person.

CVSS v3 6.1 MEDIUM

6.1^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 2.8 / Impact : 2.7

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact LOW

Integrity Impact LOW

Availability Impact NONE

Scope CHANGED

References

Link	Resource
https://github.com/glpi-project/glpi/commit/2b8f9aa54ae4a4ec07bde0c8db739a292b8ec09a	Patch Third Party Advisory
https://github.com/glpi-project/glpi/security/advisories/GHSA-jrgw-cx24-56x5	Third Party Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:glpi-project:glpi:*:*:*:*:*:*:*:*

History

19 Sep 2022, 14:09

Type	Values Removed	Values Added
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 6.1
References	~~(MISC) https://github.com/glpi-project/glpi/commit/2b8f9aa54ae4a4ec07bde0c8db739a292b8ec09a -~~	(MISC) https://github.com/glpi-project/glpi/commit/2b8f9aa54ae4a4ec07bde0c8db739a292b8ec09a - Patch, Third Party Advisory
References	~~(CONFIRM) https://github.com/glpi-project/glpi/security/advisories/GHSA-jrgw-cx24-56x5 -~~	(CONFIRM) https://github.com/glpi-project/glpi/security/advisories/GHSA-jrgw-cx24-56x5 - Third Party Advisory
First Time		Glpi-project glpi Glpi-project
CPE		cpe:2.3:a:glpi-project:glpi::::::::

14 Sep 2022, 18:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2022-09-14 18:15

Updated : 2023-12-10 14:35

NVD link : CVE-2022-35945

Mitre link : CVE-2022-35945

CVE.ORG link : CVE-2022-35945

JSON object : View

Products Affected

glpi-project

glpi

CWE

CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

{"id": "CVE-2022-35945", "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 6.1, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "impactScore": 2.7, "exploitabilityScore": 2.8}, {"type": "Secondary", "source": "security-advisories@github.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "impactScore": 3.4, "exploitabilityScore": 2.8}]}, "published": "2022-09-14T18:15:10.503", "references": [{"url": "https://github.com/glpi-project/glpi/commit/2b8f9aa54ae4a4ec07bde0c8db739a292b8ec09a", "tags": ["Patch", "Third Party Advisory"], "source": "security-advisories@github.com"}, {"url": "https://github.com/glpi-project/glpi/security/advisories/GHSA-jrgw-cx24-56x5", "tags": ["Third Party Advisory"], "source": "security-advisories@github.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-79"}]}, {"type": "Secondary", "source": "security-advisories@github.com", "description": [{"lang": "en", "value": "CWE-79"}]}], "descriptions": [{"lang": "en", "value": "GLPI stands for Gestionnaire Libre de Parc Informatique and is a Free Asset and IT Management Software package, that provides ITIL Service Desk features, licenses tracking and software auditing. Information associated to registration key are not properly escaped in registration key configuration page. They can be used to steal a GLPI administrator cookie. Users are advised to upgrade to 10.0.3. There are no known workarounds for this issue. ### Workarounds Do not use a registration key created by an untrusted person."}, {"lang": "es", "value": "GLPI son las siglas de Gestionnaire Libre de Parc Informatique y es un Paquete de Software Libre de Administraci\u00f3n de Activos y TI, que proporciona funciones de Service Desk de ITIL, seguimiento de licencias y auditor\u00eda de software. La informaci\u00f3n asociada a la clave de registro no es escapada apropiadamente en la p\u00e1gina de configuraci\u00f3n de la clave de registro. Pueden usarse para robar una cookie de administrador de GLPI. Es recomendado a usuarios actualizar a versi\u00f3n 10.0.3. No se presentan mitigaciones conocidas para este problema. ### No use una clave de registro creada por una persona que no sea confiable"}], "lastModified": "2022-09-19T14:09:44.277", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:glpi-project:glpi:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F1118A51-CFED-4D17-8344-EA94C8F77EAD", "versionEndExcluding": "10.0.3"}], "operator": "OR"}]}], "sourceIdentifier": "security-advisories@github.com"}