Executive Risk Summary
"The GLPI Inventory Plugin has an improper access control vulnerability in versions prior to 1.5.0, which could allow unauthorized access to sensitive data. Upgrading to version 1.5.0 fixes the vulnerability and mitigates the risk."
Operational Audit Arsenal
Target Type Plugin
Target Asset GLPI Inventory Plugin
Standard Path GLPI Agents
PowerShell
# 🛠️ Senior Engineer Universal Audit
# Target: GLPI Inventory Plugin (Plugin)
$Target = "GLPI Inventory Plugin"
$SearchPaths = @("$env:windir\System32", "$env:ProgramFiles", "${env:ProgramFiles(x86)}")
Get-ChildItem -Path $SearchPaths -Filter $Target -Recurse -ErrorAction SilentlyContinue |
Select-Object FullName, @{Name="Version";Expression={$_.VersionInfo.ProductVersion}}Patch Impact Forecast
Reboot Required
Unknown
Service Disruption
Low
Internal Work Notes
Recommend upgrading GLPI Inventory Plugin to version 1.5.0 to fix improper access control vulnerability.
Intelligence Sources
Scope of Impact
Original NVD Description
"The GLPI Inventory Plugin handles various types of tasks for GLPI agents, including network discovery and inventory (SNMP), software deployment, VMWare ESX host remote inventory, and data collection (files, Windows registry, WMI). Versions prior to 1.5.0 have an improper access control vulnerability. Version 1.5.0 fixes the vulnerability."
Data compiled from NVD, MSRC, and CISA KEV Catalog. Intelligence synthesized via AI. Scripts provided for diagnostic purposes under MIT License.