CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2001-1464

Crystal Reports, when displaying data for a password protected database using HTML pages, embeds the username and password in cleartext in the HTML page and the URL, which allows remote attackers to obtain passwords.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.007

EPSS Ranking 70.9%

CVSS Severity

CVSS v2 Score 7.5

References

Products affected by CVE-2001-1464

Businessobjects » Crystal Reports » Version: N/A

cpe:2.3:a:businessobjects:crystal_reports:-
Businessobjects » Crystal Reports » Version: 10

cpe:2.3:a:businessobjects:crystal_reports:10
Businessobjects » Crystal Reports » Version: 10.0.0.53327

cpe:2.3:a:businessobjects:crystal_reports:10.0.0.53327
Businessobjects » Crystal Reports » Version: 12.3.1.684

cpe:2.3:a:businessobjects:crystal_reports:12.3.1.684
Businessobjects » Crystal Reports » Version: 7.0

cpe:2.3:a:businessobjects:crystal_reports:7.0
Businessobjects » Crystal Reports » Version: 8.5.0.2176

cpe:2.3:a:businessobjects:crystal_reports:8.5.0.2176
Businessobjects » Crystal Reports » Version: 9

cpe:2.3:a:businessobjects:crystal_reports:9

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2001-1464

Products

Pricing

Contact Us