CVE-1999-0910

CVSS 2.0 Score 5.0 of 10 (medium)

Details

Published Sep 10, 1999
Updated: Nov 20, 2024

Summary

CVE-1999-0910 is a vulnerability affecting Microsoft Site Server and Commercial Internet System (MCIS). This issue arises due to MCIS failing to set an expiration date for cookies, which could lead to them being indefinitely cached by proxies. Subsequently, these cookies could be mistakenly used by unintended users, resulting in unauthorized access to protected resources. This vulnerability can potentially expose sensitive information and pose a significant security risk. To mitigate this issue, Microsoft released a patch to set an expiration date for cookies in affected versions of MCIS.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share