ALT-PU-2014-2229-1
Closed vulnerabilities
Published: 2015-04-14
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2014-5032
GLPI before 0.84.7 does not properly restrict access to cost information, which allows remote attackers to obtain sensitive information via the cost criteria in the search bar.
Severity: MEDIUM (5.0)
References:
- http://advisories.mageia.org/MGASA-2015-0017.html
- http://advisories.mageia.org/MGASA-2015-0017.html
- http://www.glpi-project.org/spip.php?page=annonce&id_breve=325
- http://www.glpi-project.org/spip.php?page=annonce&id_breve=325
- MDVSA-2015:167
- MDVSA-2015:167
- https://forge.indepnet.net/issues/4984
- https://forge.indepnet.net/issues/4984