CVE-1999-1322
CVSS 2.0 Score 4.6 of 10 (medium)
Details
Summary
CVE-1999-1322 is a cybersecurity vulnerability affecting the installation of 1ArcServe Backup and Inoculan AV client modules for Microsoft Exchange. The vulnerability arises due to the creation of an unsecured log file, exchverify.log, during the installation process. This log file contains usernames and passwords in plaintext, posing a significant risk if accessed by unauthorized entities. Attackers can exploit this vulnerability to gain unauthorized access to Exchange servers, potentially leading to data breaches or other malicious activities. Organizations using these software packages are advised to immediately secure their log files or consider upgrading to a more secure alternative.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Affected Products
- Microsoft Exchange Server
- Microsoft Exchange
Affected Vendors
- Microsoft
- Broadcom