CVE-2024-27930

CVSS 3.1 Score 6.5 of 10 (medium)

Details

Published Mar 18, 2024

Updated: Apr 24, 2024

CWE ID 285

Summary

CVE-2024-27930 is a vulnerability affecting GLPI, a Free Asset and IT Management Software. An authenticated user with read access to items can gain unauthorized access to sensitive fields' data. This issue poses a risk for data breaches and unauthorized information disclosure. The vulnerability has been addressed in the latest version 10.0.13, which is recommended for immediate installation. Organizations running older versions should apply the patch as soon as possible to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/usFhDl
https://www.cve.org/CVERecord?id=CVE-2024-27930
https://nvd.nist.gov/vuln/detail/CVE-2024-27930

Back to Vulnerability Database

CVE-2024-27930

CVSS 3.1 Score 6.5 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations