{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-11097", "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "state": "PUBLISHED", "assignerShortName": "VulDB", "dateReserved": "2024-11-11T20:23:06.166Z", "datePublished": "2024-11-12T02:00:13.839Z", "dateUpdated": "2024-11-12T15:57:10.398Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "shortName": "VulDB", "dateUpdated": "2024-11-12T02:00:13.839Z"}, "title": "SourceCodester Student Record Management System Main Menu infinite loop", "problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-835", "lang": "en", "description": "Infinite Loop"}]}, {"descriptions": [{"type": "CWE", "cweId": "CWE-404", "lang": "en", "description": "Denial of Service"}]}], "affected": [{"vendor": "SourceCodester", "product": "Student Record Management System", "versions": [{"version": "1.0", "status": "affected"}], "modules": ["Main Menu"]}], "descriptions": [{"lang": "en", "value": "A vulnerability has been found in SourceCodester Student Record Management System 1.0 and classified as problematic. This vulnerability affects unknown code of the component Main Menu. The manipulation leads to infinite loop. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used."}, {"lang": "de", "value": "In SourceCodester Student Record Management System 1.0 wurde eine problematische Schwachstelle gefunden. Dabei geht es um eine nicht genauer bekannte Funktion der Komponente Main Menu. Durch Manipulieren mit unbekannten Daten kann eine infinite loop-Schwachstelle ausgenutzt werden. Die Umsetzung des Angriffs hat dabei lokal zu erfolgen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."}], "metrics": [{"cvssV4_0": {"version": "4.0", "baseScore": 4.8, "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N", "baseSeverity": "MEDIUM"}}, {"cvssV3_1": {"version": "3.1", "baseScore": 3.3, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", "baseSeverity": "LOW"}}, {"cvssV3_0": {"version": "3.0", "baseScore": 3.3, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", "baseSeverity": "LOW"}}, {"cvssV2_0": {"version": "2.0", "baseScore": 1.7, "vectorString": "AV:L/AC:L/Au:S/C:N/I:N/A:P"}}], "timeline": [{"time": "2024-11-11T00:00:00.000Z", "lang": "en", "value": "Advisory disclosed"}, {"time": "2024-11-11T01:00:00.000Z", "lang": "en", "value": "VulDB entry created"}, {"time": "2024-11-11T21:28:31.000Z", "lang": "en", "value": "VulDB entry last update"}], "credits": [{"lang": "en", "value": "polaris0x1 (VulDB User)", "type": "reporter"}], "references": [{"url": "https://vuldb.com/?id.283918", "name": "VDB-283918 | SourceCodester Student Record Management System Main Menu infinite loop", "tags": ["vdb-entry"]}, {"url": "https://vuldb.com/?ctiid.283918", "name": "VDB-283918 | CTI Indicators (IOB, IOC)", "tags": ["signature", "permissions-required"]}, {"url": "https://vuldb.com/?submit.441237", "name": "Submit #441237 | SourceCodester Student Record Management System in C++ with Source Code V1.0 Input Buffer Pollution Vulnerability", "tags": ["third-party-advisory"]}, {"url": "https://github.com/Hacker0xone/CVE/issues/5", "tags": ["exploit", "issue-tracking"]}, {"url": "https://www.sourcecodester.com/", "tags": ["product"]}]}, "adp": [{"affected": [{"vendor": "sourcecodester", "product": "student_record_management_system", "cpes": ["cpe:2.3:a:sourcecodester:student_record_management_system:1.0:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "1.0", "status": "affected"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-11-12T15:55:23.721965Z", "id": "CVE-2024-11097", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-11-12T15:57:10.398Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-11097", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-11-12T15:55:23.721965Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:sourcecodester:student_record_management_system:1.0:*:*:*:*:*:*:*"], "vendor": "sourcecodester", "product": "student_record_management_system", "versions": [{"status": "affected", "version": "1.0"}], "defaultStatus": "unknown"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-11-12T15:56:59.932Z"}}], "cna": {"title": "SourceCodester Student Record Management System Main Menu infinite loop", "credits": [{"lang": "en", "type": "reporter", "value": "polaris0x1 (VulDB User)"}], "metrics": [{"cvssV4_0": {"version": "4.0", "baseScore": 4.8, "baseSeverity": "MEDIUM", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N"}}, {"cvssV3_1": {"version": "3.1", "baseScore": 3.3, "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"}}, {"cvssV3_0": {"version": "3.0", "baseScore": 3.3, "baseSeverity": "LOW", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"}}, {"cvssV2_0": {"version": "2.0", "baseScore": 1.7, "vectorString": "AV:L/AC:L/Au:S/C:N/I:N/A:P"}}], "affected": [{"vendor": "SourceCodester", "modules": ["Main Menu"], "product": "Student Record Management System", "versions": [{"status": "affected", "version": "1.0"}]}], "timeline": [{"lang": "en", "time": "2024-11-11T00:00:00.000Z", "value": "Advisory disclosed"}, {"lang": "en", "time": "2024-11-11T01:00:00.000Z", "value": "VulDB entry created"}, {"lang": "en", "time": "2024-11-11T21:28:31.000Z", "value": "VulDB entry last update"}], "references": [{"url": "https://vuldb.com/?id.283918", "name": "VDB-283918 | SourceCodester Student Record Management System Main Menu infinite loop", "tags": ["vdb-entry"]}, {"url": "https://vuldb.com/?ctiid.283918", "name": "VDB-283918 | CTI Indicators (IOB, IOC)", "tags": ["signature", "permissions-required"]}, {"url": "https://vuldb.com/?submit.441237", "name": "Submit #441237 | SourceCodester Student Record Management System in C++ with Source Code V1.0 Input Buffer Pollution Vulnerability", "tags": ["third-party-advisory"]}, {"url": "https://github.com/Hacker0xone/CVE/issues/5", "tags": ["exploit", "issue-tracking"]}, {"url": "https://www.sourcecodester.com/", "tags": ["product"]}], "descriptions": [{"lang": "en", "value": "A vulnerability has been found in SourceCodester Student Record Management System 1.0 and classified as problematic. This vulnerability affects unknown code of the component Main Menu. The manipulation leads to infinite loop. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used."}, {"lang": "de", "value": "In SourceCodester Student Record Management System 1.0 wurde eine problematische Schwachstelle gefunden. Dabei geht es um eine nicht genauer bekannte Funktion der Komponente Main Menu. Durch Manipulieren mit unbekannten Daten kann eine infinite loop-Schwachstelle ausgenutzt werden. Die Umsetzung des Angriffs hat dabei lokal zu erfolgen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-835", "description": "Infinite Loop"}]}, {"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-404", "description": "Denial of Service"}]}], "providerMetadata": {"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "shortName": "VulDB", "dateUpdated": "2024-11-12T02:00:13.839Z"}}}, "cveMetadata": {"cveId": "CVE-2024-11097", "state": "PUBLISHED", "dateUpdated": "2024-11-12T15:57:10.398Z", "dateReserved": "2024-11-11T20:23:06.166Z", "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "datePublished": "2024-11-12T02:00:13.839Z", "assignerShortName": "VulDB"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:razormist:student_record_management_system:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "1524C11E-2F0E-4041-B60B-EA839BE0F991", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A vulnerability has been found in SourceCodester Student Record Management System 1.0 and classified as problematic. This vulnerability affects unknown code of the component Main Menu. The manipulation leads to infinite loop. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used."}, {"lang": "es", "value": "Se ha encontrado una vulnerabilidad en SourceCodester Student Record Management System 1.0 y se ha clasificado como problem\u00e1tica. Esta vulnerabilidad afecta al c\u00f3digo desconocido del componente Men\u00fa principal. La manipulaci\u00f3n provoca un bucle infinito. Es necesario realizar un ataque local. La vulnerabilidad se ha hecho p\u00fablica y puede utilizarse."}], "id": "CVE-2024-11097", "lastModified": "2024-11-14T15:14:40.767", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 1.7, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:L/AC:L/Au:S/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 3.1, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "cna@vuldb.com", "type": "Secondary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 3.3, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 1.4, "source": "cna@vuldb.com", "type": "Secondary"}], "cvssMetricV40": [{"cvssData": {"attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "LOCAL", "automatable": "NOT_DEFINED", "availabilityRequirements": "NOT_DEFINED", "baseScore": 4.8, "baseSeverity": "MEDIUM", "confidentialityRequirements": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirements": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubsequentSystemAvailability": "NOT_DEFINED", "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnerableSystemAvailability": "NOT_DEFINED", "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", "privilegesRequired": "LOW", "providerUrgency": "NOT_DEFINED", "recovery": "NOT_DEFINED", "safety": "NOT_DEFINED", "subsequentSystemAvailability": "NONE", "subsequentSystemConfidentiality": "NONE", "subsequentSystemIntegrity": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnerabilityResponseEffort": "NOT_DEFINED", "vulnerableSystemAvailability": "LOW", "vulnerableSystemConfidentiality": "NONE", "vulnerableSystemIntegrity": "NONE"}, "source": "cna@vuldb.com", "type": "Secondary"}]}, "published": "2024-11-12T02:15:17.817", "references": [{"source": "cna@vuldb.com", "tags": ["Exploit", "Third Party Advisory"], "url": "https://github.com/Hacker0xone/CVE/issues/5"}, {"source": "cna@vuldb.com", "tags": ["Permissions Required"], "url": "https://vuldb.com/?ctiid.283918"}, {"source": "cna@vuldb.com", "tags": ["Permissions Required"], "url": "https://vuldb.com/?id.283918"}, {"source": "cna@vuldb.com", "tags": ["Third Party Advisory"], "url": "https://vuldb.com/?submit.441237"}, {"source": "cna@vuldb.com", "tags": ["Product"], "url": "https://www.sourcecodester.com/"}], "sourceIdentifier": "cna@vuldb.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-835"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-404"}, {"lang": "en", "value": "CWE-835"}], "source": "cna@vuldb.com", "type": "Secondary"}]}

{}