CVE-2025-27153

Sažetak

Escalade GLPI plugin is a ticket escalation process helper for GLPI. Prior to version 2.9.11, there is an improper access control vulnerability. This can lead to data exposure and workflow disruptions. This issue has been patched in version 2.9.11.

Reference

https://github.com/pluginsGLPI/escalade/releases/tag/2.9.11
https://github.com/pluginsGLPI/escalade/security/advisories/GHSA-pvqv-8r3r-47m9

CVSS

Base:	6.5
Impact:	2.5
Exploitability:	3.9

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
LOW	LOW	NONE

CVSS vektor

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

Zadnje važnije ažuriranje

01-07-2025 - 19:15

Objavljeno

01-07-2025 - 19:15