CVE-1999-1126

Published: Dec 31, 1999Modified: Apr 16, 2026

2.1

Vector

AV:L/AC:L/Au:N/C:P/I:N/A:N

Exploitability: 3.9 / Impact: 2.9

Source: NVD

Description

Cisco Resource Manager (CRM) 1.1 and earlier creates certain files with insecure permissions that allow local users to obtain sensitive configuration information including usernames, passwords, and SNMP community strings, from (1) swim_swd.log, (2) swim_debug.log, (3) dbi_debug.log, and (4) temporary files whose names begin with "DPR_".

Affected (1)

Products: Cisco: Resource Manager

1 product

Resource Manager

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Cisco Resource Manager	Up to 1.1

References (6)

http://ciac.llnl.gov/ciac/bulletins/i-086.shtml

Source: cve@mitre.org

PatchVendor Advisory

http://www.cisco.com/warp/public/770/crmtmp-pub.shtml

Source: cve@mitre.org

PatchVendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/1575

Source: cve@mitre.org

http://ciac.llnl.gov/ciac/bulletins/i-086.shtml

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

http://www.cisco.com/warp/public/770/crmtmp-pub.shtml

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/1575

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.