Vulnerabilities > CVE-2020-15218 - Insufficient Session Expiration vulnerability in Combodo Itop

047910
CVSS 3.5 - LOW
Attack vector
NETWORK
Attack complexity
MEDIUM
Privileges required
SINGLE
Confidentiality impact
PARTIAL
Integrity impact
NONE
Availability impact
NONE
network
combodo
CWE-613
NVD
Published: 2021-01-13
Updated: 2021-01-15

Summary

Combodo iTop is a web based IT Service Management tool. In iTop before versions 2.7.2 and 3.0.0, admin pages are cached, so that their content is visible after deconnection by using the browser back button. This is fixed in versions 2.7.2 and 3.0.0.

Vulnerable Configurations

Part Description Count
Application
Combodo
80

Common Weakness Enumeration (CWE)

References