CVE-1999-1246
CVSS 2.0 Score 7.5 of 10 (high)
Details
Summary
CVE-1999-1246 is a vulnerability affecting Microsoft Site Server 3.0. The Direct Mailer feature saves user domain names and passwords in plaintext on a TMLBQueue network share. This share has insecure default permissions, enabling remote attackers to access the passwords and thereby gain privileged access. This issue poses a significant risk to network security, as it allows unauthorized individuals to bypass authentication mechanisms and potentially take control of systems. Users are strongly advised to secure their TMLBQueue shares and change any default passwords to mitigate this vulnerability.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Affected Vendors
- Microsoft