CVE-2024-12355: SourceCodester Phone Contact Manager System ContactBook.cpp adding input validation

4.8 CVSS

Description

A vulnerability has been found in SourceCodester Phone Contact Manager System 1.0 and classified as problematic. Affected by this vulnerability is the function ContactBook::adding of the file ContactBook.cpp. The manipulation leads to improper input validation. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. In SourceCodester Phone Contact Manager System 1.0 wurde eine Schwachstelle gefunden. Sie wurde als problematisch eingestuft. Es geht um die Funktion ContactBook::adding der Datei ContactBook.cpp. Durch Beeinflussen mit unbekannten Daten kann eine improper input validation-Schwachstelle ausgenutzt werden. Der Angriff muss lokal angegangen werden. Der Exploit steht zur öffentlichen Verfügung.

Classification

CVE ID: CVE-2024-12355

CVSS Base Severity: MEDIUM

CVSS Base Score: 4.8

Affected Products

Vendor: SourceCodester

Product: Phone Contact Manager System

Exploit Prediction Scoring System (EPSS)

EPSS Score: 0.04% (probability of being exploited)

EPSS Percentile: 5.06% (scored less or equal to compared to others)

EPSS Date: 2025-02-03 (when was this score calculated)

References

https://vuldb.com/?id.287275
https://vuldb.com/?ctiid.287275
https://vuldb.com/?submit.457864
https://github.com/TinkAnet/cve/blob/main/BOF2.md
https://www.sourcecodester.com/

Timeline

2024-12-10 00:31:08 UTC
CVE

SourceCodester Phone Contact Manager System ContactBook.cpp adding input validation