CVE-1999-1236
CVSS 2.0 Score 4.6 of 10 (medium)
Details
Published Oct 1, 1999
Updated: Nov 20, 2024
Summary
CVE-1999-1236 is a vulnerability affecting Internet Anywhere Mail Server version 2.3.1. The issue lies in the application's storage of passwords in plaintext within the msgboxes.dbf file. An attacker with local access to the system can exploit this vulnerability by extracting the plaintext passwords, allowing them to gain elevated privileges within the mail server. This weakness in password protection poses a significant risk to the confidentiality and integrity of the affected system.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share
Affected Vendors
- True North