CVE-2019-10231

CVE-2019-10231

EPSS 2.1%

Teclib GLPI before 9.4.1.1 is affected by a PHP type juggling vulnerability allowing bypass of authentication. This occurs in Auth::checkPassword() (inc/auth.class.php).

Productos afectados

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

https://github.com/glpi-project/glpi/pull/5520 https://github.com/glpi-project/glpi/releases/tag/9.4.1.1