FreeBSD : glpi -- SQL Injection in Search API (0ba61fcc-3b38-11eb-af2a-080027dbe4b7)

medium Nessus Plugin ID 144184

Synopsis

The remote FreeBSD host is missing one or more security-related updates.

Description

MITRE Corporation reports :

In GLPI before version 9.5.2, there is a SQL Injection in the API's search function. Not only is it possible to break the SQL syntax, but it is also possible to utilise a UNION SELECT query to reflect sensitive information such as the current database version, or database user. The most likely scenario for this vulnerability is with someone who has an API account to the system. The issue is patched in version 9.5.2. A proof-of-concept with technical details is available in the linked advisory.

Solution

Update the affected packages.

See Also

http://www.nessus.org/u?253a443c

http://www.nessus.org/u?62e8ff58

http://www.nessus.org/u?9b012893

Plugin Details

Severity: Medium

ID: 144184

File Name: freebsd_pkg_0ba61fcc3b3811ebaf2a080027dbe4b7.nasl

Version: 1.3

Type: local

Published: 12/14/2020

Updated: 2/2/2024

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Low

Score: 2.2

CVSS v2

Risk Factor: Medium

Base Score: 5

Temporal Score: 3.9

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N

CVSS Score Source: CVE-2020-15226

CVSS v3

Risk Factor: Medium

Base Score: 4.3

Temporal Score: 3.9

Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C

Vulnerability Information

CPE: p-cpe:/a:freebsd:freebsd:glpi, cpe:/o:freebsd:freebsd

Required KB Items: Host/local_checks_enabled, Host/FreeBSD/release, Host/FreeBSD/pkg_info

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 6/25/2020

Vulnerability Publication Date: 6/25/2020

Reference Information

CVE: CVE-2020-15226