CVE-2023-38511

CVSS 3.1 Score 5.0 of 10 (medium)

Details

Published Apr 15, 2024

CWE ID 22

Summary

CVE-2023-38511 is a vulnerability affecting the iTop IT service management platform. In the dashboard editor, users can load multiple files and URLs, unintentionally exposing the full path of the dashboard configuration file. This issue poses a potential security risk, as an attacker could gain unauthorized access to sensitive data. The vulnerability has been resolved in versions 3.0.4 and 3.1.1.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/sCSRnC
https://www.cve.org/CVERecord?id=CVE-2023-38511
https://nvd.nist.gov/vuln/detail/CVE-2023-38511

Back to Vulnerability Database

CVE-2023-38511

CVSS 3.1 Score 5.0 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations