Glpi Project Glpi Agent
By the Year
In 2023 there have been 1 vulnerability in Glpi Project Glpi Agent with an average score of 7.2 out of ten. Glpi Agent did not have any published security vulnerabilities last year. That is, 1 more vulnerability have already been reported in 2023 as compared to last year.
It may take a day or so for new Glpi Agent vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Glpi Project Glpi Agent Security Vulnerabilities
The GLPI Agent is a generic management agent
7.2 - High
- June 23, 2023
The GLPI Agent is a generic management agent. Prior to version 1.5, if glpi-agent is running remoteinventory task against an Unix platform with ssh command, an administrator user on the remote can manage to inject a command in a specific workflow the agent would run with the privileges it uses. In the case, the agent is running with administration privileges, a malicious user could gain high privileges on the computer glpi-agent is running on. A malicious user could also disclose all remote accesses the agent is configured with for remoteinventory task. This vulnerability has been patched in glpi-agent 1.5.