Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
7.5
CVSSv2
CVE-2020-35775
Published: 15/02/2021 Updated: 19/04/2021
CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10
CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9
VMScore: 668
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Vulnerability Summary
CITSmart prior to 9.1.2.23 allows LDAP Injection.
Subscribe to Citsmart
Vulnerability Trend
Vulnerable Product
Search on Vulmon
Subscribe to Product
citsmart citsmart
Exploits
Exploit DB: CITSmart ITSM 9.1.2.22 LDAP Injection
CITSmart ITSM version 91222 suffers from an LDAP injection vulnerability ...
References
CWE-74
https://github.com/nardnet/citsmart/blob/master/WEB-INF/src/br/com/centralit/citcorpore/integracao/ad/LDAPUtils.java
https://citsmart.com.br/solucoes/itsm-2/
https://rdstation-static.s3.amazonaws.com/cms/files/86153/1597862259Ebook-Whatsnew-CITSmart.pdf
https://docs.citsmart.com/pt-br/citsmart-platform-9/get-started/about-citsmart/release-notes.html
http://packetstormsecurity.com/files/162181/CITSmart-ITSM-9.1.2.22-LDAP-Injection.html
https://nvd.nist.gov
https://packetstormsecurity.com/files/162181/CITSmart-ITSM-9.1.2.22-LDAP-Injection.html
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
buffer overflow
type confusion
server-side request forgery
CVE-2024-38440
CVE-2024-27801
CVE-2024-5868
CVE-2024-0582
CVE-2024-37643
CVE-2024-3105
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started