GLPI Database Inventory Plugin Arbitrary PHP Object Injection Vulnerability

Vulnerability

A stored object injection vulnerability has been identified in the Database Inventory Plugin for GLPI, affecting versions through 1.1.1. This vulnerability arises from user-controlled data being insecurely stored in the database via the 'computergroup' component. Under certain conditions, such as having database write access through another vulnerability or misconfiguration, this data is unserialized on every page load, allowing for arbitrary PHP object instantiation. Version 1.1.2 addresses this issue by migrating the dynamic group search from a serialized format to JSON, thereby eliminating the vulnerability.
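The move from a serialized format to JSON described above can be sketched as follows. This is an added example, not the plugin's own code: the function names and sample values are hypothetical and constructed for illustration. It converts a legacy stored value to JSON without instantiating any class and rejects values that contain objects.

```php
<?php
// Added illustration; function names and sample data are hypothetical.

/**
 * Convert a stored search value to JSON without instantiating objects.
 * Returns the JSON string, or null when the value is not plain array data.
 */
function legacy_search_to_json(string $stored): ?string
{
    // Value is already JSON: validate it and re-encode.
    $decoded = json_decode($stored, true);
    if (is_array($decoded)) {
        return json_encode($decoded);
    }
    // allowed_classes => false makes unserialize() build inert
    // __PHP_Incomplete_Class placeholders instead of application objects,
    // so no __wakeup(), __unserialize() or __destruct() of those classes runs.
    $value = @unserialize($stored, ['allowed_classes' => false]);
    if (!is_array($value) || contains_object($value)) {
        return null; // reject anything that is not an array of plain data
    }
    return json_encode($value);
}

/** Recursively report whether a decoded value holds any object. */
function contains_object($value): bool
{
    if (is_object($value)) {
        return true;
    }
    if (is_array($value)) {
        foreach ($value as $item) {
            if (contains_object($item)) {
                return true;
            }
        }
    }
    return false;
}

// Constructed sample values: a legacy array, a JSON value, an embedded object.
$samples = [
    'legacy array'    => serialize(['criteria' => [['field' => 1, 'value' => 'srv']]]),
    'json'            => '{"criteria":[]}',
    'embedded object' => 'a:1:{i:0;O:8:"stdClass":0:{}}',
];
foreach ($samples as $label => $stored) {
    $json = legacy_search_to_json($stored);
    echo $label, ': ', $json ?? 'REJECTED', PHP_EOL;
}
```

Values reported as REJECTED are the ones worth reviewing by hand, since a stored search should only ever contain arrays and scalars.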

Impact

Exploitation of this vulnerability allows for stored object injection, where arbitrary PHP objects can be instantiated, potentially leading to further exploitation such as code execution.

Remediation

Users can upgrade to Database Inventory Plugin version 1.1.2 to address this vulnerability.

Added: Dec 19, 2025, 5:21 PM
Updated: Dec 19, 2025, 6:04 PM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 10.0
exploitability: 5.2
remediation: 7.7
relevance: 1.6
threat: 3.2
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.