CVE-2023-48710

iTop is an IT service management platform.  Files from the `env-production` folder can be retrieved even though they should have restricted access.  Hopefully, there is no sensitive files stored in that folder natively, but there could be from a third-party module. 
 The `pages/exec.php` script as been fixed to limit execution of PHP files only.  Other file types won't be retrieved and exposed.  The vulnerability is fixed in 2.7.10, 3.0.4, 3.1.1, and 3.2.0.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
9.8 CRITICAL
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
GitHub_MCNA
9.8 CRITICAL
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CISA-ADPADP
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 58%
VendorProductVersion
combodoitop
𝑥
< 2.7.10
combodoitop
3.0.0 ≤
𝑥
< 3.0.4
combodoitop
3.1.0 ≤
𝑥
< 3.1.1
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://github.com/Combodo/iTop/commit/3b2da39469f7a4636ed250ed0d33f4efff38be26
https://github.com/Combodo/iTop/security/advisories/GHSA-g652-q7cc-7hfc
https://github.com/Combodo/iTop/commit/3b2da39469f7a4636ed250ed0d33f4efff38be26
https://github.com/Combodo/iTop/security/advisories/GHSA-g652-q7cc-7hfc