{"dataType":"CVE_RECORD","dataVersion":"5.1","cveMetadata":{"cveId":"CVE-2024-12355","assignerOrgId":"1af790b2-7ee1-4545-860a-a788eba489b5","state":"PUBLISHED","assignerShortName":"VulDB","dateReserved":"2024-12-08T17:08:44.848Z","datePublished":"2024-12-09T01:31:07.752Z","dateUpdated":"2024-12-12T13:45:10.433Z"},"containers":{"cna":{"providerMetadata":{"orgId":"1af790b2-7ee1-4545-860a-a788eba489b5","shortName":"VulDB","dateUpdated":"2024-12-09T01:31:07.752Z"},"title":"SourceCodester Phone Contact Manager System ContactBook.cpp adding input validation","problemTypes":[{"descriptions":[{"type":"CWE","cweId":"CWE-20","lang":"en","description":"Improper Input Validation"}]}],"affected":[{"vendor":"SourceCodester","product":"Phone Contact Manager System","versions":[{"version":"1.0","status":"affected"}]}],"descriptions":[{"lang":"en","value":"A vulnerability has been found in SourceCodester Phone Contact Manager System 1.0 and classified as problematic. Affected by this vulnerability is the function ContactBook::adding of the file ContactBook.cpp. The manipulation leads to improper input validation. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used."},{"lang":"de","value":"In SourceCodester Phone Contact Manager System 1.0 wurde eine Schwachstelle gefunden. Sie wurde als problematisch eingestuft. Es geht um die Funktion ContactBook::adding der Datei ContactBook.cpp. Durch Beeinflussen mit unbekannten Daten kann eine improper input validation-Schwachstelle ausgenutzt werden. Der Angriff muss lokal angegangen werden. Der Exploit steht zur öffentlichen Verfügung."}],"metrics":[{"cvssV4_0":{"version":"4.0","baseScore":4.8,"vectorString":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N","baseSeverity":"MEDIUM"}},{"cvssV3_1":{"version":"3.1","baseScore":3.3,"vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N","baseSeverity":"LOW"}},{"cvssV3_0":{"version":"3.0","baseScore":3.3,"vectorString":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N","baseSeverity":"LOW"}},{"cvssV2_0":{"version":"2.0","baseScore":1.7,"vectorString":"AV:L/AC:L/Au:S/C:N/I:P/A:N"}}],"timeline":[{"time":"2024-12-08T00:00:00.000Z","lang":"en","value":"Advisory disclosed"},{"time":"2024-12-08T01:00:00.000Z","lang":"en","value":"VulDB entry created"},{"time":"2024-12-08T18:15:48.000Z","lang":"en","value":"VulDB entry last update"}],"credits":[{"lang":"en","value":"Tinkanet (VulDB User)","type":"reporter"}],"references":[{"url":"https://vuldb.com/?id.287275","name":"VDB-287275 | SourceCodester Phone Contact Manager System ContactBook.cpp adding input validation","tags":["vdb-entry","technical-description"]},{"url":"https://vuldb.com/?ctiid.287275","name":"VDB-287275 | CTI Indicators (IOB, IOC, IOA)","tags":["signature","permissions-required"]},{"url":"https://vuldb.com/?submit.457864","name":"Submit #457864 | SourceCodester Phone Contact Manager System V1.0 Buffer Pollution","tags":["third-party-advisory"]},{"url":"https://github.com/TinkAnet/cve/blob/main/BOF2.md","tags":["exploit"]},{"url":"https://www.sourcecodester.com/","tags":["product"]}]},"adp":[{"affected":[{"vendor":"razormist","product":"phone_contact_manager_system","cpes":["cpe:2.3:a:razormist:phone_contact_manager_system:1.0:*:*:*:*:*:*:*"],"defaultStatus":"unknown","versions":[{"version":"1.0","status":"affected"}]}],"metrics":[{"other":{"type":"ssvc","content":{"timestamp":"2024-12-09T19:59:06.878088Z","id":"CVE-2024-12355","options":[{"Exploitation":"poc"},{"Automatable":"no"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2024-12-12T13:45:10.433Z"}}]}}