CVE-2024-27096

7.7 HIGH

📋 TL;DR

CVE-2024-27096 is a SQL injection vulnerability in GLPI's search engine that allows authenticated users to extract sensitive data from the database. This affects GLPI installations before version 10.0.13. Any organization using vulnerable GLPI versions with authenticated user accounts is at risk.

💻 Affected Systems

Products:
  • GLPI
Versions: All versions before 10.0.13
Operating Systems: All platforms running GLPI
Default Config Vulnerable: ⚠️ Yes
Notes: Requires authenticated user access. All GLPI installations before the patched version are vulnerable regardless of configuration.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete database compromise including extraction of sensitive user credentials, configuration data, and business information, potentially leading to full system takeover.

🟠 Likely Case

Unauthorized data extraction from the GLPI database, including user information, asset details, and configuration data.

🟢 If Mitigated

Limited impact with proper input validation and database permissions, potentially only allowing data viewing from authorized tables.

🌐 Internet-Facing: HIGH if GLPI is exposed to the internet with authenticated user access.
🏢 Internal Only: MEDIUM as authenticated internal users could exploit the vulnerability.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploitation requires authenticated access to GLPI. SQL injection in search functionality suggests straightforward exploitation for users with database knowledge.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 10.0.13

Vendor Advisory: https://github.com/glpi-project/glpi/security/advisories/GHSA-2x8m-vrcm-2jqv

Restart Required: No

Instructions:

1. Back up your GLPI database and files.
2. Download GLPI 10.0.13 or later from official sources.
3. Follow the GLPI upgrade documentation to update your installation.
4. Verify that the update completed successfully.

🔧 Temporary Workarounds

Restrict User Access (applies to: all)

Limit authenticated user access to trusted personnel only and apply the principle of least privilege.

Web Application Firewall (applies to: all)

Implement WAF rules to detect and block SQL injection attempts in search parameters.

🧯 If You Can't Patch

  • Implement strict input validation and parameterized queries for all search functionality
  • Apply database-level controls to limit user permissions and implement database activity monitoring

🔍 How to Verify

Check if Vulnerable:

Check GLPI version via web interface or by examining the GLPI installation files. Versions before 10.0.13 are vulnerable.

Check Version:

Check GLPI web interface or examine the GLPI installation directory for version information.

Verify Fix Applied:

Verify GLPI version is 10.0.13 or later and check that the specific commit fixing the vulnerability is present in your installation.
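The version check above can be scripted. The following is an added example, not code from the page or from the GLPI project. It assumes that GLPI 10.x declares its version in `inc/define.php` as `define('GLPI_VERSION', '...');` and that the install root is `/var/www/glpi` (a placeholder); it treats pre-release builds such as `10.0.13-rc1` as older than the fixed release, which is the prudent reading.

```python
import re
from pathlib import Path

# Assumption: GLPI 10.x declares its version in inc/define.php as
#   define('GLPI_VERSION', '10.0.12');
# The install root below is a placeholder for this example.
GLPI_ROOT = Path("/var/www/glpi")
FIXED_VERSION = "10.0.13"  # first release that contains the fix for CVE-2024-27096

_VERSION_RE = re.compile(
    r"""define\(\s*['"]GLPI_VERSION['"]\s*,\s*['"]([^'"]+)['"]\s*\)"""
)


def parse_version(text):
    """Return the GLPI_VERSION string found in define.php contents, or None."""
    m = _VERSION_RE.search(text)
    return m.group(1) if m else None


def version_tuple(version):
    """Turn '10.0.13' or '10.0.13-rc1' into a tuple that compares correctly."""
    core, _, suffix = version.partition("-")
    nums = tuple(int(p) for p in core.split("."))
    # A suffix such as '-rc1' or '-dev' marks a pre-release, which sorts below
    # the final build of the same number.
    return nums + ((-1,) if suffix else (0,))


def is_vulnerable(version, fixed=FIXED_VERSION):
    """True when the installed version predates the patched release."""
    return version_tuple(version) < version_tuple(fixed)


def check_install(root=GLPI_ROOT):
    """Read the version from an installation and report (version, vulnerable)."""
    define_php = root / "inc" / "define.php"
    version = parse_version(define_php.read_text(encoding="utf-8"))
    if version is None:
        raise ValueError(f"could not find GLPI_VERSION in {define_php}")
    return version, is_vulnerable(version)


if __name__ == "__main__":
    found, vulnerable = check_install()
    state = "VULNERABLE, update to 10.0.13 or later" if vulnerable else "patched"
    print(f"GLPI {found}: {state}")
```

Run it on the GLPI host (adjust `GLPI_ROOT`); a result of `patched` only confirms the version string, so the upgrade documentation's own verification steps still apply.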

📡 Detection & Monitoring

Log Indicators:

  • Unusual SQL queries in application logs
  • Multiple search requests with suspicious parameters
  • Database error messages containing SQL syntax

Network Indicators:

  • Unusual patterns in search API requests
  • Repeated requests with SQL-like syntax in parameters

SIEM Query:

Search for patterns like '%SELECT%', '%UNION%', '%FROM%' in GLPI search request parameters or application logs.
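The keyword search described above is easy to run against web server access logs before a SIEM rule exists. The following is an added example, not code from the page or from the GLPI project. It parses combined-format log lines, URL-decodes each request parameter and looks for the page's keywords (SELECT, UNION, FROM); it goes one step beyond the page by rating each hit, since "from" and "select" also occur in ordinary search text. The sample log lines are constructed for this example, and the `criteria[...]` parameter names mirror GLPI's search form but are an assumption here.

```python
import re
from urllib.parse import urlsplit, parse_qsl

# Constructed sample lines in combined log format (not real GLPI logs). The
# criteria[...] parameter names are assumed to resemble GLPI's search form.
SAMPLE_LOG = """\
10.0.0.5 - alice [12/Mar/2024:10:01:02 +0000] "GET /front/computer.php?criteria%5B0%5D%5Bvalue%5D=laptop HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
10.0.0.7 - bob [12/Mar/2024:10:01:09 +0000] "GET /front/computer.php?criteria%5B0%5D%5Bvalue%5D=x%27+UNION+SELECT+1%2C2+-- HTTP/1.1" 200 9000 "-" "curl/8.0"
10.0.0.9 - carol [12/Mar/2024:10:02:30 +0000] "GET /front/ticket.php?criteria%5B0%5D%5Bvalue%5D=select+items+from+stock HTTP/1.1" 200 3000 "-" "Mozilla/5.0"
10.0.0.5 - alice [12/Mar/2024:10:03:00 +0000] "GET /front/central.php HTTP/1.1" 200 4000 "-" "Mozilla/5.0"
"""

LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ (?P<user>\S+) \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)
# Keywords taken from the page's SIEM guidance.
KEYWORD_RE = re.compile(r"\b(SELECT|UNION|FROM)\b", re.IGNORECASE)
# Characters rarely typed into a search box but typical of tampered SQL.
META_RE = re.compile(r"'|--|/\*|#|;")


def inspect_value(value):
    """Return (distinct keywords, has SQL metacharacters) for one decoded value."""
    keywords = {m.group(1).upper() for m in KEYWORD_RE.finditer(value)}
    return keywords, bool(META_RE.search(value))


def rate(keywords, has_meta):
    """UNION+SELECT together, or any keyword beside metacharacters, is a strong hit."""
    strong = ({"UNION", "SELECT"} <= keywords) or (has_meta and bool(keywords))
    return "high" if strong else "low"


def scan_log(text):
    """Return one finding per request parameter that carries SQL keywords."""
    findings = []
    for line in text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue  # not a request line we understand
        query = urlsplit(m.group("target")).query
        for name, value in parse_qsl(query, keep_blank_values=True):
            keywords, has_meta = inspect_value(value)
            if not keywords:
                continue
            findings.append({
                "user": m.group("user"), "ip": m.group("ip"), "ts": m.group("ts"),
                "param": name, "value": value,
                "keywords": sorted(keywords), "confidence": rate(keywords, has_meta),
            })
    return findings


if __name__ == "__main__":
    for f in scan_log(SAMPLE_LOG):
        print(f"{f['confidence']:>4}  {f['user']:<6} {f['param']} = {f['value']!r} {f['keywords']}")
```

On the constructed input the second line rates high (two keywords plus a quote and comment marker) and the third rates low (plain English containing "select" and "from"), which is the distinction a triage queue needs. Remember that GET parameters are what access logs record; search requests sent as POST bodies need the application's own logs or a reverse proxy that logs bodies.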
