GLPI-Agent's MSI package installation permits local users to change Agent configuration
Description
The GLPI Agent is a generic management agent. A vulnerability that only affects GLPI-Agent installed on windows via MSI packaging can allow a local user to cause denial of agent service by replacing GLPI server url with a wrong url or disabling the service. Additionally, in the case the Deploy task is installed, a local malicious user can trigger privilege escalation configuring a malicious server providing its own deploy task payload. GLPI-Agent 1.7.2 contains a patch for this issue. As a workaround, edit GLPI-Agent related key under HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall and add SystemComponent DWORD value setting it to 1 to hide GLPI-Agent from installed applications.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2<1.7.2+ 1 more
- (no CPE)range: <1.7.2
- (no CPE)range: < 1.7.2
Patches
Vulnerability mechanics
References
2- github.com/glpi-project/glpi-agent/commit/41bbb1169e899bd15350a9e2fdbf9269a3b7a14fmitrex_refsource_MISC
- github.com/glpi-project/glpi-agent/security/advisories/GHSA-hx3x-mmqg-h3jpmitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.