Glpi Project Glpi Agent
By the Year
In 2023 there have been 1 vulnerability in Glpi Project Glpi Agent with an average score of 7.2 out of ten. Glpi Agent did not have any published security vulnerabilities last year. That is, 1 more vulnerability have already been reported in 2023 as compared to last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2023 | 1 | 7.20 |
| 2022 | 0 | 0.00 |
| 2021 | 0 | 0.00 |
| 2020 | 0 | 0.00 |
| 2019 | 0 | 0.00 |
| 2018 | 0 | 0.00 |
It may take a day or so for new Glpi Agent vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Glpi Project Glpi Agent Security Vulnerabilities
The GLPI Agent is a generic management agent
CVE-2023-34254
7.2 - High
- June 23, 2023
The GLPI Agent is a generic management agent. Prior to version 1.5, if glpi-agent is running remoteinventory task against an Unix platform with ssh command, an administrator user on the remote can manage to inject a command in a specific workflow the agent would run with the privileges it uses. In the case, the agent is running with administration privileges, a malicious user could gain high privileges on the computer glpi-agent is running on. A malicious user could also disclose all remote accesses the agent is configured with for remoteinventory task. This vulnerability has been patched in glpi-agent 1.5.
Shell injection
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Glpi Project Glpi Agent or by Glpi Project? Click the Watch button to subscribe.
