Vulnerability Database

290,020

Total vulnerabilities in the database

CVE-2021-32663

iTop is an open source web based IT Service Management tool. In affected versions an attacker can call the system setup without authentication. Given specific parameters this can lead to SSRF. This issue has been resolved in versions 2.6.5 and 2.7.5 and later

  • Published: Oct 19, 2021
  • Updated: Apr 14, 2023
  • CVE: CVE-2021-32663
  • Severity: High
  • Exploit:

CVSS v3:

  • Severity: High
  • Score: 7.5
  • AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

CVSS v2:

  • Severity: Medium
  • Score: 5
  • AV:N/AC:L/Au:N/C:N/I:P/A:N

CWEs:

Software From Fixed in
combodo / itop 2.7.0 2.7.5
combodo / itop - 2.6.5