CVE-1999-0407

CVSS 2.0 Score 10.0 of 10 (high)

Details

Published Feb 9, 1999
Updated: Nov 20, 2024

Summary

CVE-1999-0407 is a vulnerability affecting IIS 4.0. By default, this version of IIS includes a virtual directory named "/IISADMPWD." Hackers can exploit this directory to launch brute force attacks or identify valid usernames on the system by accessing files contained within. These files can be used as proxies to gain unauthorized access to the system. This vulnerability is significant as it exposes sensitive information and provides an avenue for potential attacks. To mitigate this risk, administrators should immediately remove the "/IISADMPWD" virtual directory or restrict access to it.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share