CVE-1999-1556

Summary

CVE-1999-1556 is a vulnerability affecting Microsoft SQL Server 6.5. The issue lies in the weak encryption used for the password of the SQLExecutiveCmdExec account and its storage in an easily accessible portion of the registry. Local users can exploit this weakness by decrypting the CmdExecAccount value and gaining elevated privileges. This vulnerability poses a significant risk to SQL Server installations running version 6.5 and could potentially allow unauthorized access and data manipulation. Users are advised to apply the available patch or upgrade to a more secure version of SQL Server as soon as possible.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.