Sensitive Data Exposure in Combodo iTop IT Service Management Tool
CVE-2024-51993
Currently unrated
What is CVE-2024-51993?
The Combodo iTop IT Service Management tool has a significant security issue in which misconfigured user accounts allow unauthorized access to sensitive data. Specifically, an attacker who gains access to backup files or the database could read stored passwords, because they are not adequately encrypted. This vulnerability underscores the importance of proper configuration and secure handling of sensitive data. Users are urged to upgrade to version 3.2.0 or above to mitigate the risk, and to ensure that their backups are independently encrypted.