Published on: 07/21/2021 12:00:00 AM UTC
Last Modified on: 07/21/2021 03:21:00 PM UTC
Combodo iTop is an open source, web based IT Service Management tool. In versions prior to 2.7.4, there is a command injection vulnerability in the Setup Wizard when providing Graphviz executable path. The vulnerability is patched in version 2.7.4 and 3.0.0.
- CVE-2021-21406 has been assigned by [email protected] to track the vulnerability
- Affected Vendor/Software: Combodo - iTop version < 2.7.4
|Command Injection vulnerability in the Setup Wizard · Advisory · Combodo/iTop · GitHub|| github.com |