{"dataType":"CVE_RECORD","dataVersion":"5.1","cveMetadata":{"cveId":"CVE-2024-10122","assignerOrgId":"1af790b2-7ee1-4545-860a-a788eba489b5","state":"PUBLISHED","assignerShortName":"VulDB","dateReserved":"2024-10-18T12:11:49.059Z","datePublished":"2024-10-18T19:00:05.789Z","dateUpdated":"2024-10-18T19:56:36.020Z"},"containers":{"cna":{"providerMetadata":{"orgId":"1af790b2-7ee1-4545-860a-a788eba489b5","shortName":"VulDB","dateUpdated":"2024-10-18T19:00:05.789Z"},"title":"Topdata Inner Rep Plus WebServer Operator Details Form InnerRepPlus.html missing password field masking","problemTypes":[{"descriptions":[{"type":"CWE","cweId":"CWE-549","lang":"en","description":"Missing Password Field Masking"}]}],"affected":[{"vendor":"Topdata","product":"Inner Rep Plus WebServer","versions":[{"version":"2.01","status":"affected"}],"modules":["Operator Details Form"]}],"descriptions":[{"lang":"en","value":"A vulnerability was found in Topdata Inner Rep Plus WebServer 2.01. It has been classified as problematic. Affected is an unknown function of the file /InnerRepPlus.html of the component Operator Details Form. The manipulation leads to missing password field masking. It is possible to launch the attack remotely. The vendor was contacted early about this disclosure but did not respond in any way."},{"lang":"de","value":"Es wurde eine problematische Schwachstelle in Topdata Inner Rep Plus WebServer 2.01 ausgemacht. Betroffen hiervon ist ein unbekannter Ablauf der Datei /InnerRepPlus.html der Komponente Operator Details Form. Durch das Manipulieren mit unbekannten Daten kann eine missing password field masking-Schwachstelle ausgenutzt werden. Umgesetzt werden kann der Angriff über das Netzwerk."}],"metrics":[{"cvssV4_0":{"version":"4.0","baseScore":5.1,"vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N","baseSeverity":"MEDIUM"}},{"cvssV3_1":{"version":"3.1","baseScore":2.7,"vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N","baseSeverity":"LOW"}},{"cvssV3_0":{"version":"3.0","baseScore":2.7,"vectorString":"CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N","baseSeverity":"LOW"}},{"cvssV2_0":{"version":"2.0","baseScore":3.3,"vectorString":"AV:N/AC:L/Au:M/C:P/I:N/A:N"}}],"timeline":[{"time":"2024-10-18T00:00:00.000Z","lang":"en","value":"Advisory disclosed"},{"time":"2024-10-18T02:00:00.000Z","lang":"en","value":"VulDB entry created"},{"time":"2024-10-18T14:17:02.000Z","lang":"en","value":"VulDB entry last update"}],"credits":[{"lang":"en","value":"j369 (VulDB User)","type":"reporter"}],"references":[{"url":"https://vuldb.com/?id.280914","name":"VDB-280914 | Topdata Inner Rep Plus WebServer Operator Details Form InnerRepPlus.html missing password field masking","tags":["vdb-entry"]},{"url":"https://vuldb.com/?ctiid.280914","name":"VDB-280914 | CTI Indicators (IOB, IOC, TTP, IOA)","tags":["signature","permissions-required"]},{"url":"https://vuldb.com/?submit.421292","name":"Submit #421292 | Topdata Top Data Inner Rep Plus Web Server v.2.01 Missing Password Field Masking","tags":["third-party-advisory"]}]},"adp":[{"metrics":[{"other":{"type":"ssvc","content":{"timestamp":"2024-10-18T19:56:26.597146Z","id":"CVE-2024-10122","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2024-10-18T19:56:36.020Z"}}]}}