{ "affected": [ { "database_specific": { "unresolved_ranges": [ { "events": [ { "introduced": "0" }, { "last_affected": "3.0.0-beta1" } ] } ] }, "ranges": [ { "database_specific": { "versions": [ { "introduced": "0" }, { "fixed": "2.7.1" }, { "introduced": "0" }, { "last_affected": "3.0.0-alpha" }, { "introduced": "0" }, { "last_affected": "3.0.0-beta" }, { "introduced": "0" }, { "last_affected": "3.0.0-beta2" }, { "introduced": "0" }, { "last_affected": "3.0.0-beta3" }, { "introduced": "0" }, { "last_affected": "3.0.0-beta4" }, { "introduced": "0" }, { "last_affected": "3.0.0-beta5" }, { "introduced": "0" }, { "last_affected": "3.0.0-beta6" }, { "introduced": "0" }, { "last_affected": "3.0.0-beta7" }, { "introduced": "0" }, { "last_affected": "3.0.0-beta8" }, { "introduced": "0" }, { "last_affected": "3.0.0-rc" } ] }, "events": [ { "introduced": "0" }, { "fixed": "94f9b16c03c4f9a232f677212aecde616b09b95e" }, { "introduced": "0" }, { "last_affected": "fc24746862778d60fd135c076aa1d621a723f965" }, { "introduced": "0" }, { "last_affected": "94fdc79be58b298ff5d1215c3b6103c0b1f19fed" }, { "introduced": "0" }, { "last_affected": "aa9ab1ace5bf85fa4150fa9b0227382ee138817d" }, { "introduced": "0" }, { "last_affected": "007e1ded0db683e3459d70eb7665e166676a95f6" }, { "introduced": "0" }, { "last_affected": "8e0ae67803ee0289a161552d86f78c6c71529343" }, { "introduced": "0" }, { "last_affected": "f9fc85e763daa10cd553c983c01a3af451fa57d1" }, { "introduced": "0" }, { "last_affected": "b0904cabfddc875b24ca6e144e83b3fccbf187df" }, { "introduced": "0" }, { "last_affected": "e23c41232dc690ff1d511eb16534cf818dc3cd52" }, { "introduced": "0" }, { "last_affected": "827a108a380398b7a45809a58321eb92f01c51ea" }, { "introduced": "0" }, { "last_affected": "9bfa60d272c2a4246198334d55d966ac8bed098e" } ], "repo": "https://github.com/combodo/itop", "type": "GIT" } ] } ], "details": "A function in Combodo iTop contains a vulnerability of Broken Access Control, which allows unauthorized attacker to inject command and disclose system information.", "id": "CVE-2020-12777", "modified": "2026-03-13T21:58:00.225134404Z", "published": "2020-08-10T03:15:12.263Z", "references": [ { "type": "ADVISORY", "url": "https://github.com/Combodo/iTop/security/advisories/GHSA-88fq-r22m-64q2" }, { "type": "ADVISORY", "url": "https://www.twcert.org.tw/tw/cp-132-3833-46ae7-1.html" } ], "related": [ "GHSA-88fq-r22m-64q2" ], "severity": [ { "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "type": "CVSS_V3" } ] }