vulnerability

Ubuntu: (CVE-2022-31061): glpi vulnerability

Try Surface Command

Back to search

Severity

CVSS

(AV:N/AC:L/Au:N/C:P/I:P/A:P)

Published

Jun 28, 2022

Added

Jun 26, 2025

Modified

Mar 27, 2026

Description

GLPI is a Free Asset and IT Management Software package, Data center management, ITIL Service Desk, licenses tracking and software auditing. In affected versions there is a SQL injection vulnerability which is possible on login page. No user credentials are required to exploit this vulnerability. Users are advised to upgrade as soon as possible. There are no known workarounds for this issue.

Solution

no-fix-ubuntu-package

References

CVE-2022-31061
https://attackerkb.com/topics/CVE-2022-31061
CWE-89
EUVD-EUVD-2022-52733
https://euvd.enisa.europa.eu/vulnerability/EUVD-2022-52733
https://github.com/glpi-project/glpi/security/advisories/GHSA-w2gc-v2gm-q7wq
https://www.cve.org/CVERecord?id=CVE-2022-31061

Rapid7 Labs

2026 Global Threat Landscape Report

The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.

Get report