Itop · Itop · CVE-2021-32663
**Name of the Vulnerable Software and Affected Versions**
iTop versions prior to 2.6.5
iTop versions prior to 2.7.5
**Description**
The issue affects iTop, an open source web-based IT Service Management tool. An attacker can call the system setup without authentication, and given specific parameters, this can lead to Server-Side Request Forgery (SSRF).
**Recommendations**
For versions prior to 2.6.5, update to version 2.6.5 or later.
For versions prior to 2.7.5, update to version 2.7.5 or later.