
{
"id": "CVE-2024-32870",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-11-05T00:15:04.297",
"lastModified": "2024-11-13T01:07:24.057",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Combodo iTop is a simple, web-based IT Service Management tool. Server, OS, DBMS, PHP, and iTop information (name, version and parameters) can be read by anyone who has access to the iTop URI. This issue has been patched in versions 2.7.11, 3.0.5, 3.1.2, and 3.2.0. Users are advised to upgrade. There are no known workarounds for this vulnerability."
},
{
"lang": "es",
"value": "Combodo iTop es una herramienta de gesti\u00f3n de servicios de TI sencilla y basada en la web. Cualquier persona que tenga acceso a la URI de iTop puede leer la informaci\u00f3n del servidor, el sistema operativo, el DBMS, PHP e iTop (nombre, versi\u00f3n y par\u00e1metros). Este problema se ha corregido en las versiones 2.7.11, 3.0.5, 3.1.2 y 3.2.0. Se recomienda a los usuarios que actualicen la versi\u00f3n. No se conocen soluciones alternativas para esta vulnerabilidad."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N",
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N",
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-200"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:combodo:itop:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.7.11",
"matchCriteriaId": "1BF82095-AA7D-454F-9228-78EC4D8CD5CE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:combodo:itop:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.0.0",
"versionEndExcluding": "3.0.5",
"matchCriteriaId": "BB27E0C9-520F-4289-AB31-A4DDAD763F52"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:combodo:itop:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.1.0",
"versionEndExcluding": "3.1.2",
"matchCriteriaId": "88B32C5C-D9F9-4719-ACA5-217D1E696D4C"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/Combodo/iTop/security/advisories/GHSA-rfjh-2f5x-qxmx",
"source": "security-advisories@github.com",
"tags": [
"Vendor Advisory"
]
}
]
}