Vulnerabilities > CVE-2020-15218 - Insufficient Session Expiration vulnerability in Combodo Itop

047910
CVSS 6.8 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
LOW
Confidentiality impact
HIGH
Integrity impact
NONE
Availability impact
NONE
network
low complexity
combodo
CWE-613
NVD
Published: 2021-01-13
Updated: 2021-01-15

Summary

Combodo iTop is a web based IT Service Management tool. In iTop before versions 2.7.2 and 3.0.0, admin pages are cached, so that their content is visible after deconnection by using the browser back button. This is fixed in versions 2.7.2 and 3.0.0.

Vulnerable Configurations

Part Description Count
Application
Combodo
81

Common Weakness Enumeration (CWE)

References