CVE-1999-0910
CVSS 2.0 Score 5.0 of 10 (medium)
Details
Summary
CVE-1999-0910 is a vulnerability affecting Microsoft Site Server and Commercial Internet System (MCIS). This issue arises due to MCIS failing to set an expiration date for cookies, which could lead to them being indefinitely cached by proxies. Subsequently, these cookies could be mistakenly used by unintended users, resulting in unauthorized access to protected resources. This vulnerability can potentially expose sensitive information and pose a significant security risk. To mitigate this issue, Microsoft released a patch to set an expiration date for cookies in affected versions of MCIS.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Affected Vendors
- Microsoft