CVE-1999-0007

CVSS 2.0 Score 5.0 of 10 (medium)

Details

Published Jun 26, 1998
Updated: Nov 20, 2024
CWE ID 327

Summary

CVE-1999-0007 is a vulnerability affecting SSL-encrypted sessions. The issue lies in the PKCS #1 protocol, which allows an attacker to extract sensitive information from the encrypted data, including usernames and passwords. This vulnerability could lead to unauthorized access to systems and data, making it a significant security risk. The encryption intended to protect the data is bypassed, leaving it exposed to potential threats. The impact of this vulnerability can lead to serious consequences, including identity theft and unauthorized system access. It is essential to apply the available patches or upgrades as soon as possible to mitigate this risk.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

  • Microsoft IIS
  • SSLeay
  • Microsoft Exchange Server
  • Netscape FastTrack

Affected Vendors

  • Microsoft
  • Ssleay
  • Netscape
  • HP
  • C2net
l>