Unrated severityNVD Advisory· Published Sep 22, 2022· Updated Apr 23, 2025

SCCM plugin for GLPI vulnerable to Exposure of Sensitive Information to an Unauthorized Actor

CVE-2021-39190

Description

The SCCM plugin for GLPI is a plugin to synchronize computers from SCCM (version 1802) to GLPI. In versions prior to 2.3.0, the Configuration page is publicly accessible in read-only mode. This issue is patched in version 2.3.0. No known workarounds exist.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

Pluginsglpi/SCCMllm-create2 versions
<2.3.0+ 1 more
- (no CPE)range: <2.3.0
- (no CPE)range: < 2.3.0

Patches

Vulnerability mechanics

References

github.com/pluginsGLPI/sccm/commit/29a7f92d32a0cf9aa3f22c52c50b738274d2813emitrex_refsource_MISC
github.com/pluginsGLPI/sccm/security/advisories/GHSA-3324-57w6-jxcqmitrex_refsource_CONFIRM

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000