Broken Access Control Vulnerability in Combodo iTop Allows Unauthorized Command Injection and System Information Disclosure

Broken Access Control Vulnerability in Combodo iTop Allows Unauthorized Command Injection and System Information Disclosure

CVE-2020-12777 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

A function in Combodo iTop contains a vulnerability of Broken Access Control, which allows unauthorized attacker to inject command and disclose system information.

Learn more about our Web Application Penetration Testing UK.