CVE-1999-1277

Published Dec 24, 1998

Last updated 7 years ago

Overview

Description: BackWeb client stores the username and password in cleartext for proxy authentication in the Communication registry key, which could allow other local users to gain privileges by reading the password.
Source: cve@mitre.org
NVD status: Modified

Hype score: Not currently trending

Risk scores

CVSS 2.0

Type: Primary
Base score: 4.6
Impact score: 6.4
Exploitability score: 3.9
Vector string: AV:L/AC:L/Au:N/C:P/I:P/A:P

Weaknesses

nvd@nist.gov: NVD-CWE-Other

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:backweb_technologies:backweb_client:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "379ED4B7-2E58-4BF3-A5C8-3DED7A2BC739"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

References