Learn about CVE-2022-35945, a cross-site scripting (XSS) vulnerability in GLPI, impacting versions >= 9.5.0 to < 10.0.3. Discover its impact, technical details, and mitigation strategies.
This article provides insights into CVE-2022-35945, a cross-site scripting vulnerability found in GLPI, an IT and asset management software package.
Understanding CVE-2022-35945
This section delves into what CVE-2022-35945 entails, its impact, technical details, and mitigation strategies.
What is CVE-2022-35945?
CVE-2022-35945 is a cross-site scripting (XSS) vulnerability in GLPI due to improper neutralization of input during web page generation. Attackers could exploit this to steal GLPI administrator cookies.
The Impact of CVE-2022-35945
With a CVSS base score of 6.3 (medium severity), this vulnerability requires user interaction to exploit, and its confidentiality, integrity, and availability impacts are each rated low.
Technical Details of CVE-2022-35945
This section outlines the vulnerability description, affected systems and versions, as well as the exploitation mechanism.
Vulnerability Description
GLPI fails to properly escape information associated with registration keys when rendering it into a page, so script embedded in that data runs in the browser of an administrator who views it and can be used to steal the administrator's cookies.
Affected Systems and Versions
The vulnerability affects GLPI versions >= 9.5.0 and < 10.0.3.
Exploitation Mechanism
Because registration key data is written into the page without escaping, an attacker who can supply such data can embed script that executes in the context of the GLPI session of whoever views it, allowing unauthorized actions on that user's behalf.
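As an added illustration (not GLPI's own code, and the registration-key field names are assumptions), the following PHP contrasts the unescaped rendering pattern the advisory describes with output escaping at the point where the value enters the HTML:

```php
<?php
// Constructed sample record standing in for a registration key entry; the field
// names are assumptions, not GLPI's schema. The values carry markup of the kind
// an unescaped field would render verbatim.
const SAMPLE_KEY = [
    'name'    => 'Test key <script>alert(1)</script>',
    'comment' => 'x" onmouseover="alert(2)',
];

// Vulnerable pattern: values are interpolated straight into HTML, so any tag
// or quote in the data becomes part of the page structure.
function renderKeyRowUnsafe(array $key): string
{
    return "<tr><td>{$key['name']}</td>"
         . "<td title=\"{$key['comment']}\">details</td></tr>";
}

// Hardened pattern: escape at the point of output. ENT_QUOTES encodes both
// quote styles, which matters for the attribute context in the second cell.
function esc(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE | ENT_HTML5, 'UTF-8');
}

function renderKeyRowSafe(array $key): string
{
    return '<tr><td>' . esc($key['name']) . '</td>'
         . '<td title="' . esc($key['comment']) . '">details</td></tr>';
}

// Regression check a reviewer can keep: none of the raw field values may
// survive verbatim into the rendered markup.
function leaksMarkup(string $html, array $key): bool
{
    foreach ($key as $value) {
        if (strpos($html, $value) !== false) {
            return true;
        }
    }
    return false;
}

$unsafe = renderKeyRowUnsafe(SAMPLE_KEY);
$safe   = renderKeyRowSafe(SAMPLE_KEY);
echo "unsafe: $unsafe\nsafe:   $safe\n";
if (leaksMarkup($unsafe, SAMPLE_KEY) !== true || leaksMarkup($safe, SAMPLE_KEY) !== false) {
    throw new RuntimeException('escaping check failed');
}
```

The unsafe row emits the `<script>` tag and the attribute-breaking quote unchanged, while the safe row renders them as `&lt;script&gt;` and `&quot;` so the browser treats them as text.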
Mitigation and Prevention
This section provides guidance on immediate steps to take, long-term security practices, and the importance of patching and updates.
Immediate Steps to Take
Upgrade to GLPI version 10.0.3, which corrects the escaping. Until the upgrade is applied, do not use registration keys obtained from untrusted sources.
Long-Term Security Practices
Regularly monitor and update IT management software to mitigate security risks effectively.
Patching and Updates
Stay informed about security advisories and promptly apply patches and updates to secure systems.