CVE-2025-53357
📋 TL;DR
This vulnerability in GLPI allows authenticated users to modify other users' reservations, potentially disrupting IT asset management and service desk operations. All GLPI installations running versions 0.78 through 10.0.18 are affected; exploitation requires an authenticated (logged-in) user.
💻 Affected Systems
- GLPI (Gestionnaire Libre de Parc Informatique)
📦 What is this software?
GLPI, by the GLPI Project: an open-source IT asset management and service desk application, which includes a reservation module for booking assets.
⚠️ Risk & Real-World Impact
Worst Case
Malicious insider or compromised account could delete, modify, or create unauthorized reservations, causing operational disruption, double-booking conflicts, and potential denial of service for legitimate users.
Likely Case
Accidental or intentional modification of other users' reservations leading to scheduling conflicts, resource allocation issues, and minor service disruptions.
If Mitigated
Limited impact with proper access controls, audit logging, and user education about reservation integrity.
🎯 Exploit Status
Exploitation requires authenticated access to GLPI. The advisory suggests the vulnerability is straightforward to exploit once authenticated.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: 10.0.19
Vendor Advisory: https://github.com/glpi-project/glpi/security/advisories/GHSA-x9mj-822q-6cf8
Restart Required: No
Instructions:
1. Back up your GLPI database and files.
2. Download GLPI version 10.0.19 or later from the official repository.
3. Follow the GLPI upgrade procedure for your version.
4. Verify the upgrade completed successfully.
🔧 Temporary Workarounds
- Disable reservation module: temporarily disable the reservation functionality if it is not critical to operations.
- Restrict user permissions: review and minimize user permissions on reservation-related functions.
🧯 If You Can't Patch
- Implement strict access controls and review user permissions regularly
- Enable detailed audit logging for all reservation activities and monitor for anomalies
🔍 How to Verify
Check if Vulnerable:
Check the GLPI version via the web interface (Setup > General > About) or by examining the GLPI installation files; any version from 0.78 through 10.0.18 is affected.
Check Version:
Check the GLPI web interface or examine inc/define.php for the version constant.
Verify Fix Applied:
Confirm the version is 10.0.19 or later and test that a user cannot modify another user's reservations.
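An added offline check, not from the advisory or the GLPI project, that reads the version constant out of the text of inc/define.php and reports whether it falls in the affected range 0.78 through 10.0.18. It assumes the constant is declared as a PHP define named GLPI_VERSION (as in upstream GLPI) and treats a pre-release build such as 10.0.19-dev as older than the 10.0.19 release, since such a snapshot may not carry the fix:

```python
import re
from typing import Optional

# Affected range from the advisory: 0.78 through 10.0.18; fixed in 10.0.19.
FIRST_AFFECTED = "0.78"
FIXED_VERSION = "10.0.19"

# Assumption: inc/define.php declares the version as define('GLPI_VERSION', '...').
VERSION_RE = re.compile(
    r"""define\(\s*['"]GLPI_VERSION['"]\s*,\s*['"]([^'"]+)['"]\s*\)"""
)


def parse_version(version: str) -> tuple:
    """Turn '10.0.18' into a tuple that compares numerically, not as text.

    A '-suffix' (e.g. '10.0.19-dev') is stripped and the result ranks just
    below the final release of the same number (assumption: pre-release builds
    are treated as not yet fixed).
    """
    core, sep, _suffix = version.partition("-")
    numbers = tuple(int(part) for part in core.split("."))
    return numbers + ((-1,) if sep else (0,))


def extract_version(define_php: str) -> Optional[str]:
    """Return the GLPI_VERSION value from inc/define.php text, or None."""
    match = VERSION_RE.search(define_php)
    return match.group(1) if match else None


def is_vulnerable(version: str) -> bool:
    """True when 0.78 <= version < 10.0.19 (the advisory's affected range)."""
    v = parse_version(version)
    return parse_version(FIRST_AFFECTED) <= v < parse_version(FIXED_VERSION)


def assess_define_php(define_php: str) -> dict:
    """Assess the text of inc/define.php and return version plus verdict."""
    version = extract_version(define_php)
    if version is None:
        return {"version": None, "vulnerable": None, "note": "GLPI_VERSION not found"}
    vulnerable = is_vulnerable(version)
    note = "upgrade to 10.0.19 or later" if vulnerable else "not in affected range"
    return {"version": version, "vulnerable": vulnerable, "note": note}


# Constructed excerpt standing in for a real inc/define.php (sample input only).
SAMPLE_DEFINE_PHP = "<?php\n// constructed sample\ndefine('GLPI_VERSION', '10.0.18');\n"

if __name__ == "__main__":
    print(assess_define_php(SAMPLE_DEFINE_PHP))
```

To check a live installation, read the real inc/define.php into a string and pass it to assess_define_php.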
📡 Detection & Monitoring
Log Indicators:
- Unauthorized reservation modifications
- User modifying reservations belonging to other users
- Failed reservation access attempts
Network Indicators:
- HTTP POST requests to reservation endpoints with modified user IDs
SIEM Query:
source="glpi_logs" AND (event="reservation_modification" AND user_id!=reservation_owner)