CVE-2020-4079 – Combodo iTop is a web based IT Service Management tool. In iTop before versions 2.7.2 and …

12 January 2021

Vuln ID: CVE-2020-4079

Published: 2021-01-12 20:15:24Z

Description: Combodo iTop is a web based IT Service Management tool. In iTop before versions 2.7.2 and 2.8.0, when the ajax endpoint for the "excel export" portal functionality is called directly it allows getting data without scope filtering. This allows a user to access data they which they should not have access to. This is fixed in versions 2.7.2 and 3.0.0.

Source: NVD.NIST.GOV

Date:

12 January 2021

Categorie(s):

NVD

Tag(s):

NVD

Popular File Transfer Software CrushFTP Hit by Zero-Day Exploit25 April 2024
WhyLabs AI Control Center offers teams real-time control over their AI applications25 April 2024
FTC issues refunds to Ring customers following privacy settlement25 April 2024
Network Threats: A Step-by-Step Attack Demonstration25 April 2024
ESET integrates with Arctic Wolf to provide greater security visibility25 April 2024