GLPI Unauthorized Rules Execution Order Update Vulnerability

Vulnerability

A vulnerability exists in GLPI versions from 10.0.0 up to, but not including, 10.0.19 that allows connected users without administrative rights to alter the execution order of rules. This issue has been addressed in version 10.0.19.

Impact

Exploitation of this vulnerability allows for unauthorized modification of the rules execution order, which could disrupt intended workflows or processes that rely on the correct sequence of rule execution.

Remediation

Users are advised to upgrade to GLPI version 10.0.19, where this vulnerability has been patched.

Added: Aug 27, 2025, 3:23 PM
Updated: Aug 27, 2025, 3:23 PM

Vulnerability Rating

Custom Algorithm

spread: 5.0
impact: 0.6
exploitability: 5.2
remediation: 7.7
relevance: 0.4
threat: 0.0
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.