Vulnerabilities > CVE-2024-10122 - Missing Password Field Masking vulnerability in Topdata Inner REP Plus 2.01

CVSS 4.9 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

HIGH

Confidentiality impact

HIGH

Integrity impact

NONE

Availability impact

NONE

network

low complexity

topdata

CWE-549

NVD

Published: 2024-10-18

Updated: 2024-11-06

Summary

A vulnerability was found in Topdata Inner Rep Plus WebServer 2.01. It has been classified as problematic. Affected is an unknown function of the file /InnerRepPlus.html of the component Operator Details Form. The manipulation leads to missing password field masking. It is possible to launch the attack remotely. The vendor was contacted early about this disclosure but did not respond in any way.

Vulnerable Configurations

Part	Description	Count
Application	Topdata Topdata Inner REP Plus 2.01	1

Common Weakness Enumeration (CWE)

CWE-549 - Missing Password Field Masking

References

https://vuldb.com/?id.280914
https://vuldb.com/?ctiid.280914
https://vuldb.com/?submit.421292