What is the severity of CVE-2013-5696?

The severity of CVE-2013-5696 is typically classified as medium due to its potential impact through CSRF and SQL injection vulnerabilities.

What types of attacks can CVE-2013-5696 facilitate?

CVE-2013-5696 can facilitate cross-site request forgery (CSRF) attacks and SQL injection via specific actions.

How do I fix CVE-2013-5696?

To fix CVE-2013-5696, upgrade GLPI to version 0.84.2 or later, which mitigates the vulnerability.

What software versions are affected by CVE-2013-5696?

CVE-2013-5696 affects GLPI versions prior to 0.84.2, including versions 0.5 through 0.83.9.

Can CVE-2013-5696 impact data integrity?

Yes, CVE-2013-5696 can impact data integrity through SQL injection, allowing unauthorized data manipulation.

Vulnerability/
CVE-2013-5696

medium

6.8

CWE

89 352

23/9/2013

16/9/2024

CVE-2013-5696: SQL Injection

First published: Mon Sep 23 2013(Updated: )

inc/central.class.php in GLPI before 0.84.2 does not attempt to make install/install.php unavailable after an installation is completed, which allows remote attackers to conduct cross-site request forgery (CSRF) attacks, and (1) perform a SQL injection via an Etape_4 action or (2) execute arbitrary PHP code via an update_1 action.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
GLPI	<=0.84.1
GLPI	=0.5
GLPI	=0.5-rc1
GLPI	=0.5-rc2
GLPI	=0.6
GLPI	=0.6-rc1
GLPI	=0.6-rc2
GLPI	=0.6-rc3
GLPI	=0.20
GLPI	=0.21
GLPI	=0.30
GLPI	=0.31
GLPI	=0.40
GLPI	=0.41
GLPI	=0.42
GLPI	=0.51
GLPI	=0.51a
GLPI	=0.65
GLPI	=0.65-rc1
GLPI	=0.65-rc2
GLPI	=0.68
GLPI	=0.68-rc1
GLPI	=0.68-rc2
GLPI	=0.68-rc3
GLPI	=0.68.1
GLPI	=0.68.2
GLPI	=0.68.3
GLPI	=0.70
GLPI	=0.70-rc1
GLPI	=0.70-rc2
GLPI	=0.70-rc3
GLPI	=0.70.1
GLPI	=0.70.2
GLPI	=0.71
GLPI	=0.71.1
GLPI	=0.71.1-rc1
GLPI	=0.71.1-rc2
GLPI	=0.71.1-rc3
GLPI	=0.71.2
GLPI	=0.71.3
GLPI	=0.71.4
GLPI	=0.71.5
GLPI	=0.71.6
GLPI	=0.72
GLPI	=0.72-rc1
GLPI	=0.72-rc2
GLPI	=0.72-rc3
GLPI	=0.72.1
GLPI	=0.72.2
GLPI	=0.72.3
GLPI	=0.72.4
GLPI	=0.78
GLPI	=0.78.1
GLPI	=0.78.2
GLPI	=0.78.3
GLPI	=0.78.4
GLPI	=0.78.5
GLPI	=0.80
GLPI	=0.80.1
GLPI	=0.80.2
GLPI	=0.80.3
GLPI	=0.80.4
GLPI	=0.80.5
GLPI	=0.80.6
GLPI	=0.80.7
GLPI	=0.80.61
GLPI	=0.83
GLPI	=0.83.1
GLPI	=0.83.2
GLPI	=0.83.3
GLPI	=0.83.4
GLPI	=0.83.5
GLPI	=0.83.6
GLPI	=0.83.7
GLPI	=0.83.8
GLPI	=0.83.9
GLPI	=0.83.31
GLPI	=0.83.91
GLPI	=0.84

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2013-5696?
The severity of CVE-2013-5696 is typically classified as medium due to its potential impact through CSRF and SQL injection vulnerabilities.
What types of attacks can CVE-2013-5696 facilitate?
CVE-2013-5696 can facilitate cross-site request forgery (CSRF) attacks and SQL injection via specific actions.
How do I fix CVE-2013-5696?
To fix CVE-2013-5696, upgrade GLPI to version 0.84.2 or later, which mitigates the vulnerability.
What software versions are affected by CVE-2013-5696?
CVE-2013-5696 affects GLPI versions prior to 0.84.2, including versions 0.5 through 0.83.9.
Can CVE-2013-5696 impact data integrity?
Yes, CVE-2013-5696 can impact data integrity through SQL injection, allowing unauthorized data manipulation.

agent/type
agent/remedy
agent/author
agent/references
agent/severity
agent/description
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/first-publish-date
agent/event
agent/source
agent/weakness
agent/softwarecombine
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
vendor/glpi-project
canonical/glpi
version/glpi/0.84.1
version/glpi/0.5
version/glpi/0.5-rc1
version/glpi/0.5-rc2
version/glpi/0.6
version/glpi/0.6-rc1
version/glpi/0.6-rc2
version/glpi/0.6-rc3
version/glpi/0.20
version/glpi/0.21
version/glpi/0.30
version/glpi/0.31
version/glpi/0.40
version/glpi/0.41
version/glpi/0.42
version/glpi/0.51
version/glpi/0.51a
version/glpi/0.65
version/glpi/0.65-rc1
version/glpi/0.65-rc2
version/glpi/0.68
version/glpi/0.68-rc1
version/glpi/0.68-rc2
version/glpi/0.68-rc3
version/glpi/0.68.1
version/glpi/0.68.2
version/glpi/0.68.3
version/glpi/0.70
version/glpi/0.70-rc1
version/glpi/0.70-rc2
version/glpi/0.70-rc3
version/glpi/0.70.1
version/glpi/0.70.2
version/glpi/0.71
version/glpi/0.71.1
version/glpi/0.71.1-rc1
version/glpi/0.71.1-rc2
version/glpi/0.71.1-rc3
version/glpi/0.71.2
version/glpi/0.71.3
version/glpi/0.71.4
version/glpi/0.71.5
version/glpi/0.71.6
version/glpi/0.72
version/glpi/0.72-rc1
version/glpi/0.72-rc2
version/glpi/0.72-rc3
version/glpi/0.72.1
version/glpi/0.72.2
version/glpi/0.72.3
version/glpi/0.72.4
version/glpi/0.78
version/glpi/0.78.1
version/glpi/0.78.2
version/glpi/0.78.3
version/glpi/0.78.4
version/glpi/0.78.5
version/glpi/0.80
version/glpi/0.80.1
version/glpi/0.80.2
version/glpi/0.80.3
version/glpi/0.80.4
version/glpi/0.80.5
version/glpi/0.80.6
version/glpi/0.80.7
version/glpi/0.80.61
version/glpi/0.83
version/glpi/0.83.1
version/glpi/0.83.2
version/glpi/0.83.3
version/glpi/0.83.4
version/glpi/0.83.5
version/glpi/0.83.6
version/glpi/0.83.7
version/glpi/0.83.8
version/glpi/0.83.9
version/glpi/0.83.31
version/glpi/0.83.91
version/glpi/0.84

CVE-2013-5696: SQL Injection

Remedy

Remedy

Remedy

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2013-5696?

What types of attacks can CVE-2013-5696 facilitate?

How do I fix CVE-2013-5696?

What software versions are affected by CVE-2013-5696?

Can CVE-2013-5696 impact data integrity?

Company

Resources

Contact