CVE-1999-1126 - CVE Details

Description

Cisco Resource Manager (CRM) 1.1 and earlier creates certain files with insecure permissions that allow local users to obtain sensitive configuration information including usernames, passwords, and SNMP community strings, from (1) swim_swd.log, (2) swim_debug.log, (3) dbi_debug.log, and (4) temporary files whose names begin with "DPR_".

Severity

Overall Severity: N/A

CVSS Metrics

Type	Score	Severity	Vector

Affected Products

cisco - resource_manager

Affected Versions:

References

http://ciac.llnl.gov/ciac/bulletins/i-086.shtml
PatchVendor Advisory
http://www.cisco.com/warp/public/770/crmtmp-pub.shtml
PatchVendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/1575
http://ciac.llnl.gov/ciac/bulletins/i-086.shtml
PatchVendor Advisory
http://www.cisco.com/warp/public/770/crmtmp-pub.shtml
PatchVendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/1575