← Back

CVE-2024-52001

nvd nist
Published: Nov 8, 2024Modified: Jan 7, 2025

JSON object

Loading...
4.3
Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Exploitability: 2.8 / Impact: 1.4
Source: NVD

Description

Combodo iTop is a simple, web based IT Service Management tool. In affected versions portal users are able to access forbidden services information. This issue has been addressed in version 3.2.0. All users are advised to upgrade. There are no known workarounds for this vulnerability.

Affected (1)

Products: Combodo: Itop
Combodo
1 product
Itop
Configuration A
1 vulnerable
Vulnerable SoftwareAffected Versions
Itop
Before 3.2.0

Related CWEs

CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

References (1)

Source: security-advisories@github.com
Vendor Advisory

Timeline

No history available yet.