VYPR
Unrated severityNVD Advisory· Published Oct 19, 2021· Updated Aug 3, 2024

Unauthorized setup leads to SSRF in Combodo/iTop

CVE-2021-32663

Description

iTop is an open source web based IT Service Management tool. In affected versions an attacker can call the system setup without authentication. Given specific parameters this can lead to SSRF. This issue has been resolved in versions 2.6.5 and 2.7.5 and later

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Combodo/Itopllm-fuzzy2 versions
    <2.6.5 || <2.7.5+ 1 more
    • (no CPE)range: <2.6.5 || <2.7.5
    • (no CPE)range: < 2.6.5

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.