CVE-2022-2813

A vulnerability, which was classified as problematic, was found in SourceCodester Guest Management System. Affected is an unknown function. The manipulation leads to cleartext storage of passwords in the database. The identifier of this vulnerability is VDB-206400.

CVSS v3 7.5 HIGH

7.5^/10

CVSS v3 : HIGH

Vector :

Exploitability : 3.9 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://vuldb.com/?id.206400	Third Party Advisory VDB Entry

Configurations

Configuration 1 (hide)

cpe:2.3:a:guest_management_system_project:guest_management_system:-:*:*:*:*:*:*:*

History

16 Aug 2022, 16:21

Type	Values Removed	Values Added
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 7.5
References	~~(MISC) https://vuldb.com/?id.206400 -~~	(MISC) https://vuldb.com/?id.206400 - Third Party Advisory, VDB Entry
CPE		cpe:2.3:a:guest_management_system_project:guest_management_system:-:::::::*

15 Aug 2022, 11:21

Type	Values Removed	Values Added
New CVE

Information

Published : 2022-08-15 11:21

Updated : 2024-02-04 22:51

NVD link : CVE-2022-2813

Mitre link : CVE-2022-2813

CVE.ORG link : CVE-2022-2813

JSON object : View

Products Affected

guest_management_system_project

guest_management_system

CWE

CWE-312

Cleartext Storage of Sensitive Information

{"id": "CVE-2022-2813", "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 3.9}, {"type": "Secondary", "source": "cna@vuldb.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "LOW"}, "impactScore": 1.4, "exploitabilityScore": 2.8}]}, "published": "2022-08-15T11:21:30.090", "references": [{"url": "https://vuldb.com/?id.206400", "tags": ["Third Party Advisory", "VDB Entry"], "source": "cna@vuldb.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "cna@vuldb.com", "description": [{"lang": "en", "value": "CWE-312"}]}], "descriptions": [{"lang": "en", "value": "A vulnerability, which was classified as problematic, was found in SourceCodester Guest Management System. Affected is an unknown function. The manipulation leads to cleartext storage of passwords in the database. The identifier of this vulnerability is VDB-206400."}, {"lang": "es", "value": "Se ha detectado una vulnerabilidad, clasificada como problem\u00e1tica, en SourceCodester Guest Management System. La funci\u00f3n afectada es desconocida. La manipulaci\u00f3n conlleva a el almacenamiento en texto sin cifrar de las contrase\u00f1as en la base de datos. El identificador de esta vulnerabilidad es VDB-206400."}], "lastModified": "2022-08-16T16:21:24.440", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:guest_management_system_project:guest_management_system:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DD7823B0-9956-47D2-9EF6-AF9D32BF8F11"}], "operator": "OR"}]}], "sourceIdentifier": "cna@vuldb.com"}