CVE-2021-39211 Scanner
Detects 'Information Disclosure' vulnerability in GLPI affects v. from 9.2 prior to 9.5.6.
Short Info
Level
Medium
Single Scan
Single Scan
Can be used by
Asset Owner
Estimated Time
10 second
Time Interval
4 week
Scan only one
Url
Toolbox
-
GLPI is a widely-used open-source Asset and IT management software package that provides a comprehensive solution for managing software and hardware assets as well as other IT resources. It offers features such as tracking of inventory, managing licenses, monitoring software usage, and managing service contracts.
Recently, a critical security vulnerability, CVE-2021-39211, was discovered in GLPI versions prior to 9.5.6. This vulnerability exposes GLPI and server information through its telemetry endpoint, which can be used by attackers to gain access to sensitive data.
When exploited, this vulnerability can lead to a variety of negative impacts, including data breaches, theft of confidential information, and system damage. Attackers can use the information retrieved from the telemetry endpoint to conduct targeted attacks and compromise other systems connected to the GLPI server.
In order to remain up-to-date with the latest vulnerabilities and security risks affecting their digital assets, users can rely on professional solutions such as s4e.io platform. With its advanced features and capabilities, the platform provides real-time alerts, comprehensive risk assessments, and automated security measures to safeguard users' digital assets from various threats and vulnerabilities. By leveraging its pro features, users can easily and quickly learn about vulnerabilities in their digital assets, and take necessary measures to address them before they turn into catastrophic security incidents.
REFERENCES