Insecure File Permissions in Cisco Resource Manager (CRM) 1.1 and Earlier

Insecure File Permissions in Cisco Resource Manager (CRM) 1.1 and Earlier

CVE-1999-1126 · LOW Severity

AV:L/AC:L/AU:N/C:P/I:N/A:N

Cisco Resource Manager (CRM) 1.1 and earlier creates certain files with insecure permissions that allow local users to obtain sensitive configuration information including usernames, passwords, and SNMP community strings, from (1) swim_swd.log, (2) swim_debug.log, (3) dbi_debug.log, and (4) temporary files whose names begin with "DPR_".

Learn more about our Crm Penetration Testing.