Vulnerabilities > CVE-2001-1464 - Unspecified vulnerability in Businessobjects Crystal Reports
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
Crystal Reports, when displaying data for a password protected database using HTML pages, embeds the username and password in cleartext in the HTML page and the URL, which allows remote attackers to obtain passwords.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |