Overview
- Description: Combodo iTop is a simple, web-based IT Service Management tool. Several URL endpoints are subject to a Cross-Site Request Forgery (CSRF) vulnerability. Please refer to the linked GHSA for the complete list. This issue has been addressed in version 3.2.0 and all users are advised to upgrade. There are no known workarounds for this vulnerability.
- Source: security-advisories@github.com
- NVD status: Awaiting Analysis
Risk scores
CVSS 3.0
- Type: Secondary
- Base score: 7.6
- Impact score: 4.7
- Exploitability score: 2.8
- Vector string: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L
- Severity: HIGH
Weaknesses
- security-advisories@github.com: CWE-352
Social media
- Hype score: Not currently trending
CVE-2024-52002 CSRF Vulnerability in Combodo iTop Fixed in Version 3.2.0 Combodo iTop is a basic web-based tool for IT Service Management. Various URL endpoints have a Cross-Site Request Forgery (CSRF) vulnerabil... https://t.co/hj7gcMwQBx
@VulmonFeeds
9 Nov 2024
CVE-2024-52002 Combodo iTop is a simple, web-based IT Service Management tool. Several URL endpoints are subject to a Cross-Site Request Forgery (CSRF) vulnerability. Please refer t… https://t.co/ElneSnAmGg
@CVEnew
8 Nov 2024