CVE-1999-1126 — Cisco Resource Manager vulnerability
3 documents3 sources
Severity
2.1LOWNVD
EPSS
0.1%
top 75.34%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedDec 31
Latest updateApr 30
Description
Cisco Resource Manager (CRM) 1.1 and earlier creates certain files with insecure permissions that allow local users to obtain sensitive configuration information including usernames, passwords, and SNMP community strings, from (1) swim_swd.log, (2) swim_debug.log, (3) dbi_debug.log, and (4) temporary files whose names begin with "DPR_".
CVSS vector
AV:L/AC:L/C:P/I:N/A:NExploitability: 3.9 | Impact: 2.9