Products
Blood Bank Management System
- 1.0
Source
cna@vuldb.com
Tags
CVE-2024-9040 details
Published : Sept. 20, 2024, 5:15 p.m.
Last Modified : Sept. 20, 2024, 5:15 p.m.
Last Modified : Sept. 20, 2024, 5:15 p.m.
Description
A vulnerability, which was classified as problematic, was found in code-projects Blood Bank Management System 1.0. This affects an unknown part of the component Password Handler. The manipulation leads to cleartext storage in a file or on disk. An attack has to be approached locally.
CVSS Score
| 1 | 2.3 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 |
|---|
Weakness
| Weakness | Name | Description |
|---|---|---|
| CWE-313 | Cleartext Storage in a File or on Disk | The product stores sensitive information in cleartext in a file, or on disk. |
CVSS Data
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
HIGH
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
Base Score
2.3
Exploitability Score
0.8
Impact Score
1.4
Base Severity
LOW
Vector String : CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N
References
| URL | Source |
|---|---|
| https://code-projects.org/ | cna@vuldb.com |
| https://vuldb.com/?ctiid.278211 | cna@vuldb.com |
| https://vuldb.com/?id.278211 | cna@vuldb.com |
This website uses the NVD API, but is not approved or certified by it.