{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-20T14:43:35.562","vulnerabilities":[{"cve":{"id":"CVE-2024-52601","sourceIdentifier":"security-advisories@github.com","published":"2025-05-14T15:15:55.200","lastModified":"2025-08-01T18:39:53.140","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"iTop is an web based IT Service Management tool. Prior to versions 2.7.12, 3.1.3, and 3.2.1, anyone with an account having portal access can have read access to objects they're not allowed to see by querying an unprotected route. Versions 2.7.12, 3.1.3, and 3.2.1 contain a fix for the issue."},{"lang":"es","value":"iTop es una herramienta web de gestión de servicios de TI. En versiones anteriores a las 2.7.12, 3.1.3 y 3.2.1, cualquier persona con una cuenta con acceso al portal podía tener acceso de lectura a objetos que no tenía permitido ver consultando una ruta sin protección. Las versiones 2.7.12, 3.1.3 y 3.2.1 incluyen una solución para este problema."}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":3.6}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-639"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:combodo:itop:*:*:*:*:*:*:*:*","versionEndExcluding":"2.7.12","matchCriteriaId":"FC277226-1ABB-4593-B14C-4910541DA298"},{"vulnerable":true,"criteria":"cpe:2.3:a:combodo:itop:*:*:*:*:*:*:*:*","versionStartIncluding":"3.0.0","versionEndExcluding":"3.1.3","matchCriteriaId":"2C365D2D-CA46-4DA0-8739-7950631132E0"},{"vulnerable":true,"criteria":"cpe:2.3:a:combodo:itop:*:*:*:*:*:*:*:*","versionStartIncluding":"3.2.0","versionEndExcluding":"3.2.1","matchCriteriaId":"6BE41CA6-35B8-41BA-B116-B63136CA48C9"}]}]}],"references":[{"url":"https://github.com/Combodo/iTop/security/advisories/GHSA-cph2-466c-3f87","source":"security-advisories@github.com","tags":["Vendor Advisory"]}]}}]}