CVE-2020-5248

Public GLPIKEY can be used to decrypt any data in GLPI

GLPI before version 9.4.6 has a vulnerability involving a default encryption key. GLPIKEY is public and is used on every instance, so anyone can decrypt sensitive data stored using this key. It is possible to change the key before installing GLPI, but on existing instances the data must be re-encrypted with the new key. The problem is that we cannot know which columns or rows in the database are using that key, especially from plugins. Changing the key without updating the data would result in bad passwords being sent from GLPI, but storing them again from the UI will work.


We have discovered 31 live websites that are affected by CVE-2020-5248.

Affected Software

Product: GLPI
Category: Help desk
Vulnerable Domains: 31 live websites (100% of GLPI install base)
Vulnerable Versions:
  • from 0 through 9.4.6
Vulnerable Versions Count: 6 versions (67% of all versions)


Common Weakness Enumeration

CWE-798 Use of Hard-coded Credentials



Details

  • Published - May 12, 2020
  • Updated - Aug 4, 2024

Website Distribution by Country

Number of websites affected by CVE-2020-5248
United States: 4 websites
Brazil: 9 websites
Russia: 5 websites
Colombia: 3 websites
France: 3 websites
Belgium: 1 website
Spain: 1 website
GB: 1 website
Hong Kong: 1 website
Italy: 1 website

Website Distribution by TLD

Number of websites affected by CVE-2020-5248
.com: 7 websites
.ru: 5 websites
.com.br: 4 websites
.co: 2 websites
.fr: 2 websites
.be: 1 website
.net: 1 website
.pl: 1 website

Websites affected by CVE-2020-5248

Top websites that are affected by CVE-2020-5248.
Domain | Country | Rank | Contacts
******.com | Hong Kong | *,***,*** |
*****.********.com | Colombia | **,***,*** |
**********.*****.**.***.br | Brazil | **,***,*** |
*****.hu | GB | **,***,*** |
********.*****.**.***.br | Brazil | **,***,*** |
********.*******.***.tr | Turkey | **,***,*** |
****.********.com | Colombia | **,***,*** |
***********.fr | France | **,***,*** |
*******.****.ru | Russia | **,***,*** |
********.***********.com | United States | **,***,*** |

FAQ

CVE-2020-5248 is a Use of Hard-coded Credentials (CWE-798) vulnerability in GLPI.
A total of 31 websites have been identified as vulnerable to CVE-2020-5248, based on global website indexing conducted by WebTechSurvey.
GLPI is affected by the CVE-2020-5248 vulnerability.
GLPI versions up to 9.4.6 are vulnerable to CVE-2020-5248.
CVE-2020-5248 is resolved in version 9.4.6 of GLPI.