CVE Catalog

CVE-1999-1042

Low
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.26%

17th percentile — higher than 17% of all known CVEs

Summary

Cisco Resource Manager (CRM) versions 1.0 and 1.1 create world-readable log files and temporary files, which may expose sensitive information such as user IDs, passwords, and SNMP community strings to local users.

Risk Assessment

The exposure of sensitive information may lead to unauthorized access to systems and data, posing a serious security threat to the organization.

Recommendation

It is recommended to restrict access to log and temporary files and to upgrade to a newer version of the software that does not have this vulnerability.

Original NVD description (English source)

Cisco Resource Manager (CRM) 1.0 and 1.1 creates world-readable log files and temporary files, which may expose sensitive information, to local users such as user IDs, passwords and SNMP community strings.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS