CVE-1999-1277

MEDIUM 4.6 / 10.0
Published: December 24, 1998 at 05:00 AM
Modified: April 3, 2025 at 01:03 AM
Source: cve@mitre.org

Vulnerability Description

BackWeb client stores the username and password in cleartext for proxy authentication in the Communication registry key, which could allow other local users to gain privileges by reading the password.

CVSS Metrics

Base Score: 4.6
Severity: MEDIUM
Vector String: AV:L/AC:L/Au:N/C:P/I:P/A:P

Weaknesses (CWE)

NVD-CWE-Other
Source: nvd@nist.gov

AI Security Analysis

01 // Technical Summary

The BackWeb client is vulnerable to a local privilege escalation attack. An attacker can retrieve cleartext credentials stored in the Windows registry and use them to access sensitive information or gain unauthorized access to network resources. Successful exploitation grants the attacker the same privileges as the user running the BackWeb client.

02 // Vulnerability Mechanism

Step 1: Identify Target: The attacker identifies a system running a vulnerable version of the BackWeb client.

Step 2: Access the Registry: The attacker gains local access to the target system, either through physical access, a compromised user account, or another local vulnerability.

Step 3: Locate the Registry Key: The attacker navigates to the HKEY_CURRENT_USER\Software\BackWeb\Communication registry key.

Step 4: Read Credentials: The attacker reads the Username and Password values stored in cleartext within the Communication key.

Step 5: Utilize Credentials: The attacker uses the retrieved username and password to authenticate to the proxy server, potentially gaining access to network resources or sensitive information.

03 // Deep Technical Analysis

The root cause of CVE-1999-1277 lies in the insecure storage of proxy authentication credentials. The BackWeb client, designed to manage and deliver content, stores the username and password used for proxy authentication in the Windows registry under the Communication key. This storage is done in cleartext, meaning the credentials are not encrypted or obfuscated. Any user with read access to the registry key can easily retrieve the username and password, effectively bypassing the intended authentication mechanisms. The flaw is a simple lack of secure credential management, failing to protect sensitive information from unauthorized access. There is no complex buffer overflow or race condition involved; the vulnerability is a straightforward design flaw.
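A defender can audit a host for this condition without exposing the stored secret. The script below is an added example, not code from the original page or from BackWeb; it assumes the key path and the Username and Password value names given above, and it reports only which values are present and which principals can read the key.

```powershell
# Added audit example (not vendor code). Key path and value names are the
# ones stated on this page; the rest of the logic is an assumption.
$subKey     = 'Software\BackWeb\Communication'
$valueNames = 'Username', 'Password'
$queryRight = [System.Security.AccessControl.RegistryRights]::QueryValues

# HKEY_USERS holds one subkey per loaded user profile, named by SID, so this
# covers every logged-on profile rather than only the current user's HKCU.
$findings = foreach ($hive in Get-ChildItem -Path 'Registry::HKEY_USERS' -ErrorAction SilentlyContinue) {
    if ($hive.PSChildName -like '*_Classes') { continue }

    $path = "Registry::HKEY_USERS\$($hive.PSChildName)\$subKey"
    if (-not (Test-Path -LiteralPath $path)) { continue }

    # Record which credential values are non-empty strings.
    # The values themselves are never written to the output.
    $props   = Get-ItemProperty -LiteralPath $path
    $present = foreach ($name in $valueNames) {
        $value = $props.$name
        if ($value -is [string] -and $value.Length -gt 0) { $name }
    }
    if (-not $present) { continue }

    # List principals explicitly allowed to query values on the key.
    # ACEs expressed as generic rights are not matched by this simple test.
    $readers = (Get-Acl -LiteralPath $path).Access |
        Where-Object {
            $_.AccessControlType -eq 'Allow' -and
            ($_.RegistryRights -band $queryRight)
        } |
        ForEach-Object { $_.IdentityReference.Value } |
        Sort-Object -Unique

    [pscustomobject]@{
        ProfileSid   = $hive.PSChildName
        StoredValues = $present -join ', '
        ReadableBy   = $readers -join '; '
    }
}

if ($findings) {
    $findings | Format-List
} else {
    'No stored BackWeb proxy credentials found in loaded user hives.'
}
```

Any finding means the proxy password should be treated as exposed and changed; run the script elevated so that other users' loaded hives are readable.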
