GLPI before 0.84.7 does not properly restrict access to cost information, which allows remote attackers to obtain sensitive information via the cost criteria in the search bar.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2015-04-14T18:00:00
Updated: 2015-04-14T17:57:00
Reserved: 2014-07-22T00:00:00
Link: CVE-2014-5032
JSON object: View
NVD Information
Status : Analyzed
Published: 2015-04-14T18:59:00.073
Modified: 2015-04-15T15:19:01.667
Link: CVE-2014-5032
JSON object: View
Redhat Information
No data.
CWE