Security Advisory

CVE-2020-11031

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2020-09-23 15:20:13

Last updated 2024-08-04 11:21:14

Assigner GitHub_M

State PUBLISHED

Description

In GLPI before version 9.5.0, the encryption algorithm used is insecure. The security of the data encrypted relies on the password used, if a user sets a weak/predictable password, an attacker could decrypt data. This is fixed in version 9.5.0 by using a more secure encryption library. The library chosen is sodium.

← Browse all CVEs View on cve.org ↗