CVE-1999-1126

LOW2.1/ 10.0
Share:
Published: December 31, 1999 at 05:00 AM
Modified: April 3, 2025 at 01:03 AM
Source: cve@mitre.org

Vulnerability Description

Cisco Resource Manager (CRM) 1.1 and earlier creates certain files with insecure permissions that allow local users to obtain sensitive configuration information including usernames, passwords, and SNMP community strings, from (1) swim_swd.log, (2) swim_debug.log, (3) dbi_debug.log, and (4) temporary files whose names begin with "DPR_".

CVSS Metrics

Base Score
2.1
Severity
LOW
Vector String
AV:L/AC:L/Au:N/C:P/I:N/A:N

Weaknesses (CWE)

NVD-CWE-Other
Source: nvd@nist.gov

References & Intelligence

http://ciac.llnl.gov/ciac/bulletins/i-086.shtml
Source: cve@mitre.org
PatchVendor Advisory
http://www.cisco.com/warp/public/770/crmtmp-pub.shtml
Source: cve@mitre.org
PatchVendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/1575
Source: cve@mitre.org
http://ciac.llnl.gov/ciac/bulletins/i-086.shtml
Source: af854a3a-2127-422b-91ae-364da2661108
PatchVendor Advisory
http://www.cisco.com/warp/public/770/crmtmp-pub.shtml
Source: af854a3a-2127-422b-91ae-364da2661108
PatchVendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/1575
Source: af854a3a-2127-422b-91ae-364da2661108

Related Resources

Browse CVE Database
Search 294,000+ vulnerabilities
CVEs from 1999
View all vulnerabilities this year
CWE Database
Explore weakness categories
Security Writeups
Learn from real-world examples
About 4nuxd
Cybersecurity research & tools
Homepage
Explore more security resources