CVE-1999-1280
CVSS 2.0 Score 7.5 of 10 (high)
Details
Summary
CVE-1999-1280 involves the Hummingbird Exceed 6.0.1.0 software, which inadvertently incorporates a development DLL in its production version. This DLL, intended for testing purposes, logs usernames and passwords in plaintext within the test.log file, posing a significant risk to security. The inclusion of this DLL in the production version is an oversight, leading to unintended and potentially harmful consequences. This vulnerability can potentially enable unauthorized access to systems using this software if the test.log file falls into the wrong hands. The impact of this vulnerability is heightened due to the cleartext logging of sensitive information.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Affected Products
- Hummingbird Exceed
Affected Vendors
- Hummingbird