CVE-2024-9040 MEDIUM

CVE-2024-9040: code-projects Blood Bank Management System Password cleartext storage in a file or on disk

Vendor Code-Projects
Product Blood Bank Management System
Weakness CWE-313
Published September 20, 2024
Last update September 20, 2024

CVSS base score

4.6/10
Attack vector Local
Attack complexity Low
Privileges required High
User interaction None
Confidentiality
Integrity

CVSS vector

CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N

What the vulnerability does

01Description

A vulnerability, which was classified as problematic, was found in code-projects Blood Bank Management System 1.0. This affects an unknown part of the component Password Handler. The manipulation leads to cleartext storage in a file or on disk. An attack has to be approached locally.

Key dates

02Disclosure timeline

September 20, 2024 CVE published
September 20, 2024 Record updated