CVE-2000-0199

CVSS 2.0 Score 7.2 of 10 (high)

Details

Published Mar 14, 2000
Updated: Nov 20, 2024

Summary

CVE-2000-0199 is a vulnerability affecting Microsoft SQL Server 7.0's Enterprise Manager. When a new SQL Server is registered, and the "Always prompt for login name and password" option is not enabled, the Enterprise Manager stores login IDs and passwords using weak encryption, making them susceptible to potential unauthorized access. This vulnerability could result in serious security implications if exploited. It is recommended that users enable the "Always prompt for login name and password" option or employ stronger encryption methods to secure their login credentials.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

  • Microsoft SQL Server

Affected Vendors

  • Microsoft