ByteOS Network

NVD Vulnerability Details :

CVE-2001-1464

Deferred

Source-cve@mitre.org

Published At-10 Jan, 2001 | 05:00

Updated At-03 Apr, 2025 | 01:03

Crystal Reports, when displaying data for a password protected database using HTML pages, embeds the username and password in cleartext in the HTML page and the URL, which allows remote attackers to obtain passwords.

Date Added	Due Date	Vulnerability Name	Required Action
	N/A

Metrics

Type	Version	Base score	Base severity	Vector
Primary	2.0	7.5	HIGH	AV:N/AC:L/Au:N/C:P/I:P/A:P

Type: Primary

Version: 2.0

Base score: 7.5

Base severity: HIGH

Vector:

AV:N/AC:L/Au:N/C:P/I:P/A:P

CPE Matches

businessobjects>>crystal_reports>>*

cpe:2.3:a:businessobjects:crystal_reports:*:*:*:*:*:*:*:*

Weaknesses

CWE ID	Type	Source
NVD-CWE-Other	Primary	nvd@nist.gov

CWE ID: NVD-CWE-Other

Type: Primary

Source: nvd@nist.gov

References

Hyperlink	Source	Resource
http://www.kb.cert.org/vuls/id/403307	cve@mitre.org	Exploit Third Party Advisory US Government Resource
https://exchange.xforce.ibmcloud.com/vulnerabilities/7928	cve@mitre.org	N/A
http://www.kb.cert.org/vuls/id/403307	af854a3a-2127-422b-91ae-364da2661108	Exploit Third Party Advisory US Government Resource
https://exchange.xforce.ibmcloud.com/vulnerabilities/7928	af854a3a-2127-422b-91ae-364da2661108	N/A

Hyperlink: http://www.kb.cert.org/vuls/id/403307

Source: cve@mitre.org

Resource:

Exploit

Third Party Advisory

US Government Resource

Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/7928

Source: cve@mitre.org

Resource: N/A

Hyperlink: http://www.kb.cert.org/vuls/id/403307

Source: af854a3a-2127-422b-91ae-364da2661108

Resource:

Exploit

Third Party Advisory

US Government Resource

Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/7928

Source: af854a3a-2127-422b-91ae-364da2661108

Resource: N/A

CISA Catalog

Metrics

CPE Matches

Weaknesses

Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References

Change History