CVE-2024-6118
EUVD-2024-4726505.08.2024, 05:15
A Plaintext Storage of a Password vulnerability in ebooknote function in Hamastar MeetingHub Paperless Meetings 2021 allows remote attackers to obtain the other users’ credentials and gain access to the product via an XML file.Enginsight
Early Detection
Affected products identified ahead of NVD analysis through intelligence sources.
| Vendor | Product | Version | Source |
|---|---|---|---|
| hamastar | meetinghub_paperless_meetings | 2021 | ADP |
Common Weakness Enumeration
- CWE-256 - Plaintext Storage of a PasswordStoring a password in plaintext may result in a system compromise.
- CWE-522 - Insufficiently Protected CredentialsThe product transmits or stores authentication credentials, but it uses an insecure method that is susceptible to unauthorized interception and/or retrieval.
References