FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

glpi -- Account takeover vulnerability

Affected packages
glpi < 9.4.4,1

Details

VuXML ID d3f60db0-3aea-11eb-af2a-080027dbe4b7
Discovery 2019-08-05
Entry 2019-08-05
Modified 2024-04-25

MITRE Corporation reports:

GLPI through 9.4.3 is prone to account takeover by abusing the ajax/autocompletion.php autocompletion feature. The lack of correct validation leads to recovery of the token generated via the password reset functionality, and thus an authenticated attacker can set an arbitrary password for any user. This vulnerability can be exploited to take control of admin account. This vulnerability could be also abused to obtain other sensitive fields like API keys or password hashes.

References

CVE Name CVE-2019-14666
URL https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14666
URL https://github.com/glpi-project/glpi/security/advisories/GHSA-47hq-pfrr-jh5q
URL https://www.tarlogic.com/advisories/Tarlogic-2019-GPLI-Account-Takeover.txt