PT-2001-2555 · Sap · Crystal Reports

Publicado

2001-01-10

Atualizado

2017-07-11

CVE-2001-1464

CVSS v2.0

7.5

Alta

Vetor

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions Crystal Reports (affected versions not specified)

Description The issue allows remote attackers to obtain passwords when Crystal Reports displays data for a password-protected database using HTML pages. This occurs because the username and password are embedded in cleartext in the HTML page and the URL.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

CVE-2001-1464

Produtos afetados

Crystal Reports

PT-2001-2555 · Sap · Crystal Reports

CVE-2001-1464

Identificadores relacionados

Produtos afetados

Referências · 3