← Voltar para CVEs
CVE-2001-1464
N/ADescricao
Crystal Reports, when displaying data for a password protected database using HTML pages, embeds the username and password in cleartext in the HTML page and the URL, which allows remote attackers to obtain passwords.
Detalhes CVE
Pontuacao CVSS v3.1N/A
Publicado1/10/2001
Ultima modificacao4/16/2026
Fontenvd
Avistamentos honeypot0
Produtos afetados
businessobjects:crystal_reports
Referencias
http://www.kb.cert.org/vuls/id/403307(cve@mitre.org)
https://exchange.xforce.ibmcloud.com/vulnerabilities/7928(cve@mitre.org)
http://www.kb.cert.org/vuls/id/403307(af854a3a-2127-422b-91ae-364da2661108)
https://exchange.xforce.ibmcloud.com/vulnerabilities/7928(af854a3a-2127-422b-91ae-364da2661108)
Correlacoes IOC
Sem correlacoes registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.