CVE-2022-39323: 
GLPI vulnerability analysis and mitigation

CVE-2022-39323 is a SQL injection vulnerability discovered in GLPI's REST API, specifically affecting the user_token functionality. The vulnerability affects GLPI versions 9.1 and above, with a patch released in version 10.0.4. GLPI (GNU License Public Information) is a Free Asset and IT Management Software package that provides ITIL Service Desk features, licenses tracking, and software auditing capabilities (NIST NVD, GitHub Advisory).

The vulnerability is classified as CWE-89 (SQL Injection) with a CVSS v3.1 score of 7.4 (High severity). The attack vector is Network-based with high attack complexity, requiring no privileges or user interaction. The vulnerability maintains unchanged scope with high impact on both confidentiality and integrity, but no impact on availability. The technical assessment indicates it's a time-based SQL injection attack targeting the API REST user_token functionality (GitHub Advisory).

The vulnerability has potential for high impact on both confidentiality and integrity of the affected systems. As a SQL injection vulnerability, it could allow attackers to access and modify database contents, potentially exposing sensitive information or manipulating system data (GitHub Advisory).

The primary mitigation is to upgrade to GLPI version 10.0.4 or later. For systems unable to update immediately, a temporary workaround is available by disabling login with user_token on API Rest. Users can contact glpi-security@ow2.org for additional security guidance (GitHub Advisory).