CVE-2024-0349

Published Jan 9, 2024

Last updated 11 days ago

Overview

Description
A vulnerability was found in SourceCodester Engineers Online Portal 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to sensitive cookie without secure attribute. The attack can be launched remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. The identifier VDB-250117 was assigned to this vulnerability.
Source
cna@vuldb.com
NVD status
Modified

Risk scores

CVSS 3.1

Type
Primary
Base score
5.3
Impact score
1.4
Exploitability score
3.9
Vector string
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Severity
MEDIUM

CVSS 2.0

Type
Secondary
Base score
2.6
Impact score
2.9
Exploitability score
4.9
Vector string
AV:N/AC:H/Au:N/C:P/I:N/A:N

Weaknesses

cna@vuldb.com
CWE-614

Social media

Hype score
Not currently trending

Configurations