Описание
Combodo iTop is a web based IT Service Management tool. In iTop before versions 2.7.2 and 3.0.0, two cookies are created for the same session, which leads to a possibility to steal user session. This is fixed in versions 2.7.2 and 3.0.0.
Ссылки
- Third Party Advisory
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 2.7.2 (исключая)
Одно из
cpe:2.3:a:combodo:itop:*:*:*:*:*:*:*:*
cpe:2.3:a:combodo:itop:3.0.0:alpha:*:*:*:*:*:*
EPSS
Процентиль: 42%
0.002
Низкий
6.1 Medium
CVSS3
5.8 Medium
CVSS2
Дефекты
CWE-613
EPSS
Процентиль: 42%
0.002
Низкий
6.1 Medium
CVSS3
5.8 Medium
CVSS2
Дефекты
CWE-613