CVE-1999-1126
0
5
10
Vector: AV:L/AC:L/Au:N/C:P/I:N/A:N
Link copied!
Description
Cisco Resource Manager (CRM) 1.1 and earlier creates certain files with insecure permissions that allow local users to obtain sensitive configuration information including usernames, passwords, and SNMP community strings, from (1) swim_swd.log, (2) swim_debug.log, (3) dbi_debug.log, and (4) temporary files whose names begin with "DPR_".
CVSS Vector Details
Attack Vector
Local
Attack Complexity
Low
Confidentiality
P
Integrity
None
Availability
None
Affected Software Configurations
- a cisco resource_manager * * * * * * * *
Weaknesses (CWE)
- NVD-CWE-Other
References & External Links
- http://ciac.llnl.gov/ciac/bulletins/i-086.shtml
- http://www.cisco.com/warp/public/770/crmtmp-pub.shtml
- https://exchange.xforce.ibmcloud.com/vulnerabilities/1575
- http://ciac.llnl.gov/ciac/bulletins/i-086.shtml
- http://www.cisco.com/warp/public/770/crmtmp-pub.shtml
- https://exchange.xforce.ibmcloud.com/vulnerabilities/1575