CVE-1999-1280

CVSS 2.0 Score 7.5 of 10 (high)

Details

Published Dec 3, 1998
Updated: Dec 19, 2017

Summary

CVE-1999-1280 involves the Hummingbird Exceed 6.0.1.0 software, which inadvertently incorporates a development DLL in its production version. This DLL, intended for testing purposes, logs usernames and passwords in plaintext within the test.log file, posing a significant risk to security. The inclusion of this DLL in the production version is an oversight, leading to unintended and potentially harmful consequences. This vulnerability can potentially enable unauthorized access to systems using this software if the test.log file falls into the wrong hands. The impact of this vulnerability is heightened due to the cleartext logging of sensitive information.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

  • Hummingbird Exceed

Affected Vendors

  • Hummingbird