CVE-1999-1530
LowExploitation Probability (EPSS)
Low risk28th percentile — higher than 28% of all known CVEs
Summary
The vulnerability in cgiwrap used in Cobalt RaQ 2.0 and RaQ 3i involves improper user identification when running certain scripts. This allows a malicious site administrator to access data from another virtual site on the same system.
Risk Assessment
The risk involves the potential for unauthorized administrators to view or modify data, which can lead to breaches of confidentiality and data integrity.
Recommendation
It is recommended to update cgiwrap to the latest version and implement appropriate access control mechanisms to limit site administrators' capabilities.
Original NVD description (English source)
cgiwrap as used on Cobalt RaQ 2.0 and RaQ 3i does not properly identify the user for running certain scripts, which allows a malicious site administrator to view or modify data located at another virtual site on the same system.

