Vulnerability Details CVE-1999-1126
Cisco Resource Manager (CRM) 1.1 and earlier creates certain files with insecure permissions that allow local users to obtain sensitive configuration information including usernames, passwords, and SNMP community strings, from (1) swim_swd.log, (2) swim_debug.log, (3) dbi_debug.log, and (4) temporary files whose names begin with "DPR_".
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 26.0%
CVSS Severity
CVSS v2 Score 2.1
References
- http://ciac.llnl.gov/ciac/bulletins/i-086.shtml
- http://www.cisco.com/warp/public/770/crmtmp-pub.shtml
- https://exchange.xforce.ibmcloud.com/vulnerabilities/1575
- http://ciac.llnl.gov/ciac/bulletins/i-086.shtml
- http://www.cisco.com/warp/public/770/crmtmp-pub.shtml
- https://exchange.xforce.ibmcloud.com/vulnerabilities/1575
Products affected by CVE-1999-1126
-
cpe:2.3:a:cisco:resource_manager:-
-
cpe:2.3:a:cisco:resource_manager:1.0
-
cpe:2.3:a:cisco:resource_manager:1.1