CVE-2024-12355

CWE-20 — Improper Input Validation3 documents3 sources

Severity

4.8MEDIUM

EPSS

0.1%

top 79.82%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Sourcecodester Phone Contact Manager System Razormist Phone Contact Manager System

Timeline

PublishedDec 9

Description

A vulnerability has been found in SourceCodester Phone Contact Manager System 1.0 and classified as problematic. Affected by this vulnerability is the function ContactBook::adding of the file ContactBook.cpp. The manipulation leads to improper input validation. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used.

CVSS vector

CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N

Affected Packages2 packages

▶CVEListV5sourcecodester/phone_contact_manager_system1.0

▶NVDrazormist/phone_contact_manager_system1.0

🔴Vulnerability Details

GHSA

GHSA-wx36-4mc3-6qf5: A vulnerability has been found in SourceCodester Phone Contact Manager System 1↗2024-12-09

▶

CVEList

SourceCodester Phone Contact Manager System ContactBook.cpp adding input validation↗2024-12-09

▶