{"dataType":"CVE_RECORD","dataVersion":"5.1","cveMetadata":{"cveId":"CVE-2024-10371","assignerOrgId":"1af790b2-7ee1-4545-860a-a788eba489b5","state":"PUBLISHED","assignerShortName":"VulDB","dateReserved":"2024-10-24T19:46:19.112Z","datePublished":"2024-10-25T01:31:06.510Z","dateUpdated":"2024-10-25T18:06:12.245Z"},"containers":{"cna":{"providerMetadata":{"orgId":"1af790b2-7ee1-4545-860a-a788eba489b5","shortName":"VulDB","dateUpdated":"2024-10-25T01:31:06.510Z"},"title":"SourceCodester Payroll Management System main login buffer overflow","problemTypes":[{"descriptions":[{"type":"CWE","cweId":"CWE-120","lang":"en","description":"Buffer Overflow"}]}],"affected":[{"vendor":"SourceCodester","product":"Payroll Management System","versions":[{"version":"1.0","status":"affected"}]}],"descriptions":[{"lang":"en","value":"A vulnerability classified as critical has been found in SourceCodester Payroll Management System 1.0. This affects the function login of the file main. The manipulation leads to buffer overflow. The exploit has been disclosed to the public and may be used."},{"lang":"de","value":"Es wurde eine Schwachstelle in SourceCodester Payroll Management System 1.0 entdeckt. Sie wurde als kritisch eingestuft. Dabei betrifft es die Funktion login der Datei main. Durch das Beeinflussen mit unbekannten Daten kann eine buffer overflow-Schwachstelle ausgenutzt werden. Der Exploit steht zur öffentlichen Verfügung."}],"metrics":[{"cvssV4_0":{"version":"4.0","baseScore":5.3,"vectorString":"CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N","baseSeverity":"MEDIUM"}},{"cvssV3_1":{"version":"3.1","baseScore":6.3,"vectorString":"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L","baseSeverity":"MEDIUM"}},{"cvssV3_0":{"version":"3.0","baseScore":6.3,"vectorString":"CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L","baseSeverity":"MEDIUM"}},{"cvssV2_0":{"version":"2.0","baseScore":5.8,"vectorString":"AV:A/AC:L/Au:N/C:P/I:P/A:P"}}],"timeline":[{"time":"2024-10-24T00:00:00.000Z","lang":"en","value":"Advisory disclosed"},{"time":"2024-10-24T02:00:00.000Z","lang":"en","value":"VulDB entry created"},{"time":"2024-10-24T21:51:28.000Z","lang":"en","value":"VulDB entry last update"}],"credits":[{"lang":"en","value":"shikang (VulDB User)","type":"reporter"}],"references":[{"url":"https://vuldb.com/?id.281763","name":"VDB-281763 | SourceCodester Payroll Management System main login buffer overflow","tags":["vdb-entry","technical-description"]},{"url":"https://vuldb.com/?ctiid.281763","name":"VDB-281763 | CTI Indicators (IOB, IOC, IOA)","tags":["signature","permissions-required"]},{"url":"https://vuldb.com/?submit.430175","name":"Submit #430175 | SourceCodester Payroll Management System in C++ with Source Code 1.0 Buffer Overflow","tags":["third-party-advisory"]},{"url":"https://github.com/CveSecLook/cve/issues/63","tags":["exploit","issue-tracking"]},{"url":"https://www.sourcecodester.com/","tags":["product"]}]},"adp":[{"affected":[{"vendor":"sourcecodester","product":"payroll_management_system","cpes":["cpe:2.3:a:sourcecodester:payroll_management_system:1.0:*:*:*:*:*:*:*"],"defaultStatus":"unknown","versions":[{"version":"1.0","status":"affected"}]}],"metrics":[{"other":{"type":"ssvc","content":{"timestamp":"2024-10-25T18:05:21.382516Z","id":"CVE-2024-10371","options":[{"Exploitation":"poc"},{"Automatable":"no"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2024-10-25T18:06:12.245Z"}}]}}