Lucene search
+L

4 matches found

nvd
nvd
added 2023/03/14 4:15 p.m.26 views

CVE-2022-39216

Combodo iTop is an open source, web-based IT service management platform. Prior to versions 2.7.8 and 3.0.2-1, the reset password token is generated without any randomness parameter. This may lead to account takeover. The issue is fixed in versions 2.7.8 and 3.0.2-1...

9.8CVSS7.8AI score0.00912EPSS
Exploits0References3
cve
cve
added 2023/03/14 3:10 p.m.54 views

CVE-2022-39216

CVE-2022-39216 affects Combodo iTop. Before versions 2.7.8 and 3.0.2-1, the reset password token is generated without any randomness parameter, which may lead to account takeover. The issue is fixed in versions 2.7.8 and 3.0.2-1. Vectors/exploitation details beyond this are not provided in the ac...

9.8CVSS8.4AI score0.00912EPSS
Exploits0References3Affected Software1
cvelist
cvelist
added 2023/03/14 3:10 p.m.34 views

CVE-2022-39216 Combodo iTop's weak password reset token leads to account takeover

Combodo iTop is an open source, web-based IT service management platform. Prior to versions 2.7.8 and 3.0.2-1, the reset password token is generated without any randomness parameter. This may lead to account takeover. The issue is fixed in versions 2.7.8 and 3.0.2-1...

7.4CVSS9.5AI score0.00912EPSS
Exploits0References3
osv
osv
added 2023/03/14 3:10 p.m.24 views

CVE-2022-39216 Combodo iTop's weak password reset token leads to account takeover

Combodo iTop is an open source, web-based IT service management platform. Prior to versions 2.7.8 and 3.0.2-1, the reset password token is generated without any randomness parameter. This may lead to account takeover. The issue is fixed in versions 2.7.8 and 3.0.2-1...

7.4CVSS8.8AI score0.00912EPSS
Exploits0References5
Rows per page
Query Builder