Exploit Report

Exploit Report

Computer Security And Bug Information

CVE-2022-39214

Last Updated: March 18, 2023
CVECVE-2022-39214
CVE Title
Published Date2023-03-14T16:15Z
Modified Date2023-03-18T03:52Z
CWE TypeCWE-863
CVSS 3.xCVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
DescriptionCombodo iTop is an open source, web-based IT service management platform. Prior to versions 2.7.8 and 3.0.2-1, a user who can log in on iTop is able to take over any account just by knowing the account's username. This issue is fixed in versions 2.7.8 and 3.0.2-1.
References
By clicking these links you will leave this website. We do not endorse and will not be held accountable for any activity on external sites.
Reference URLhttps://github.com/Combodo/iTop/commit/bdebea62b642622ed71410b26c81e8537e6e58fa
Reference DescriptionMISC https://github.com/Combodo/iTop/commit/bdebea62b642622ed71410b26c81e8537e6e58fa
Reference URLhttps://github.com/Combodo/iTop/security/advisories/GHSA-vj96-j84g-jhx4
Reference DescriptionMISC https://github.com/Combodo/iTop/security/advisories/GHSA-vj96-j84g-jhx4
Reference URLhttps://github.com/Combodo/iTop/commit/4c1df9927d1dc6b0181ee20721f93346def026fd
Reference DescriptionMISC https://github.com/Combodo/iTop/commit/4c1df9927d1dc6b0181ee20721f93346def026fd
TagsPatch
Sources NIST MITRE

This site's data is aggregated programmatically and provided "as is" without any representations or warranties, express or implied. Exploit.report is not affiliated with the The MITRE Corporation, U.S. Department of Homeland Security (DHS), Cybersecurity and Infrastructure Security Agency (CISA), or US government in any way. CVE and the CVE logo are registered trademarks of The MITRE Corporation

© 2022 Exploit.Report | Data | Contact | Privacy Policy | Articles