{"dataType":"CVE_RECORD","dataVersion":"5.1","cveMetadata":{"cveId":"CVE-2024-0188","assignerOrgId":"1af790b2-7ee1-4545-860a-a788eba489b5","state":"PUBLISHED","assignerShortName":"VulDB","dateReserved":"2024-01-02T10:22:37.095Z","datePublished":"2024-01-02T15:00:04.424Z","dateUpdated":"2025-06-17T20:29:06.226Z"},"containers":{"cna":{"providerMetadata":{"orgId":"1af790b2-7ee1-4545-860a-a788eba489b5","shortName":"VulDB","dateUpdated":"2024-01-02T15:00:04.424Z"},"title":"RRJ Nueva Ecija Engineer Online Portal change_password_teacher.php weak password","problemTypes":[{"descriptions":[{"type":"CWE","cweId":"CWE-521","lang":"en","description":"CWE-521 Weak Password Requirements"}]}],"affected":[{"vendor":"RRJ","product":"Nueva Ecija Engineer Online Portal","versions":[{"version":"1.0","status":"affected"}]}],"descriptions":[{"lang":"en","value":"A vulnerability, which was classified as problematic, was found in RRJ Nueva Ecija Engineer Online Portal 1.0. This affects an unknown part of the file change_password_teacher.php. The manipulation leads to weak password requirements. It is possible to initiate the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used. The identifier VDB-249501 was assigned to this vulnerability."},{"lang":"de","value":"Es wurde eine problematische Schwachstelle in RRJ Nueva Ecija Engineer Online Portal 1.0 gefunden. Hiervon betroffen ist ein unbekannter Codeblock der Datei change_password_teacher.php. Durch Beeinflussen mit unbekannten Daten kann eine weak password requirements-Schwachstelle ausgenutzt werden. Der Angriff kann über das Netzwerk angegangen werden. Die Komplexität eines Angriffs ist eher hoch. Sie ist schwierig auszunutzen. Der Exploit steht zur öffentlichen Verfügung."}],"metrics":[{"cvssV3_1":{"version":"3.1","baseScore":3.1,"vectorString":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N","baseSeverity":"LOW"}},{"cvssV3_0":{"version":"3.0","baseScore":3.1,"vectorString":"CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N","baseSeverity":"LOW"}},{"cvssV2_0":{"version":"2.0","baseScore":2.1,"vectorString":"AV:N/AC:H/Au:S/C:P/I:N/A:N"}}],"timeline":[{"time":"2024-01-02T00:00:00.000Z","lang":"en","value":"Advisory disclosed"},{"time":"2024-01-02T01:00:00.000Z","lang":"en","value":"VulDB entry created"},{"time":"2024-01-02T11:28:00.000Z","lang":"en","value":"VulDB entry last update"}],"credits":[{"lang":"en","value":"ahmed8199 (VulDB User)","type":"analyst"}],"references":[{"url":"https://vuldb.com/?id.249501","tags":["vdb-entry"]},{"url":"https://vuldb.com/?ctiid.249501","tags":["signature","permissions-required"]},{"url":"https://mega.nz/file/2V9ARboA#-JIGiuLxxbri4T1mDEHl8OBeDrwLogoQlLiIji1AQZk","tags":["exploit"]}]},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-01T17:41:16.071Z"},"title":"CVE Program Container","references":[{"url":"https://vuldb.com/?id.249501","tags":["vdb-entry","x_transferred"]},{"url":"https://vuldb.com/?ctiid.249501","tags":["signature","permissions-required","x_transferred"]},{"url":"https://mega.nz/file/2V9ARboA#-JIGiuLxxbri4T1mDEHl8OBeDrwLogoQlLiIji1AQZk","tags":["exploit","x_transferred"]}]},{"metrics":[{"other":{"type":"ssvc","content":{"id":"CVE-2024-0188","role":"CISA Coordinator","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"partial"}],"version":"2.0.3","timestamp":"2024-01-02T15:35:31.857797Z"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2025-06-17T20:29:06.226Z"}}]}}