CVE-2024-51740
CVE-2024-51740
Título es
CVE-2024-51740
Mar, 05/11/2024 – 19:15
Tipo
CWE-918
Gravedad 2.0 Txt
Pendiente de análisis
Título en
CVE-2024-51740
Descripción en
Combodo iTop is a simple, web based IT Service Management tool. This vulnerability can be used to create HTTP requests on behalf of the server, from a low privileged user. The user portal form manager has been fixed to only instantiate classes derived from it. This issue has been addressed in versions 2.7.11, 3.0.5, 3.1.2, and 3.2.0. Users are advised to upgrade. There are no known workarounds for this vulnerability.
05/11/2024
05/11/2024
Vector CVSS:3.1
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
Gravedad 3.1 (CVSS 3.1 Base Score)
4.30
Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)
MEDIUM
Enviar en el boletín
Off
