{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-10T16:24:38.482","vulnerabilities":[{"cve":{"id":"CVE-2024-32870","sourceIdentifier":"security-advisories@github.com","published":"2024-11-05T00:15:04.297","lastModified":"2024-11-13T01:07:24.057","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Combodo iTop is a simple, web based IT Service Management tool. Server, OS, DBMS, PHP, and iTop info (name, version and parameters) can be read by anyone having access to iTop URI. This issue has been patched in versions 2.7.11, 3.0.5, 3.1.2, and 3.2.0. Users are advised to upgrade. There are no known workarounds for this vulnerability."},{"lang":"es","value":"Combodo iTop es una herramienta de gestión de servicios de TI sencilla y basada en la web. Cualquier persona que tenga acceso a la URI de iTop puede leer la información del servidor, el sistema operativo, el DBMS, PHP e iTop (nombre, versión y parámetros). Este problema se ha corregido en las versiones 2.7.11, 3.0.5, 3.1.2 y 3.2.0. Se recomienda a los usuarios que actualicen la versión. No se conocen soluciones alternativas para esta vulnerabilidad."}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N","baseScore":5.8,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":1.4},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N","baseScore":5.8,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":1.4}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-200"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:combodo:itop:*:*:*:*:*:*:*:*","versionEndExcluding":"2.7.11","matchCriteriaId":"1BF82095-AA7D-454F-9228-78EC4D8CD5CE"},{"vulnerable":true,"criteria":"cpe:2.3:a:combodo:itop:*:*:*:*:*:*:*:*","versionStartIncluding":"3.0.0","versionEndExcluding":"3.0.5","matchCriteriaId":"BB27E0C9-520F-4289-AB31-A4DDAD763F52"},{"vulnerable":true,"criteria":"cpe:2.3:a:combodo:itop:*:*:*:*:*:*:*:*","versionStartIncluding":"3.1.0","versionEndExcluding":"3.1.2","matchCriteriaId":"88B32C5C-D9F9-4719-ACA5-217D1E696D4C"}]}]}],"references":[{"url":"https://github.com/Combodo/iTop/security/advisories/GHSA-rfjh-2f5x-qxmx","source":"security-advisories@github.com","tags":["Vendor Advisory"]}]}}]}