ID

VAR-199908-0018


CVE

CVE-1999-0734


TITLE

CiscoSecure Access control server (ACS) The authorization issue vulnerability is configured by default.

Trust: 0.6

sources: CNNVD: CNNVD-199908-035

DESCRIPTION

A default configuration of CiscoSecure Access Control Server (ACS) allows remote users to modify the server database without authentication. Attackers can exploit this issue to perform unauthorized actions. This may aid in further attacks

Trust: 1.26

sources: NVD: CVE-1999-0734 // BID: 87034 // VULHUB: VHN-715

AFFECTED PRODUCTS

vendor:ciscomodel:ciscosecurescope:eqversion:*

Trust: 1.0

vendor:ciscomodel:ciscosecurescope: - version: -

Trust: 0.6

sources: CNNVD: CNNVD-199908-035 // NVD: CVE-1999-0734

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-1999-0734
value: HIGH

Trust: 1.0

CNNVD: CNNVD-199908-035
value: HIGH

Trust: 0.6

VULHUB: VHN-715
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-1999-0734
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

VULHUB: VHN-715
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-715 // CNNVD: CNNVD-199908-035 // NVD: CVE-1999-0734

PROBLEMTYPE DATA

problemtype:NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-1999-0734

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-199908-035

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-199908-035

EXTERNAL IDS

db:NVDid:CVE-1999-0734

Trust: 2.0

db:CNNVDid:CNNVD-199908-035

Trust: 0.7

db:BIDid:87034

Trust: 0.4

db:VULHUBid:VHN-715

Trust: 0.1

sources: VULHUB: VHN-715 // BID: 87034 // CNNVD: CNNVD-199908-035 // NVD: CVE-1999-0734

REFERENCES

url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-19990819-dbaccess

Trust: 2.7

url:https://exchange.xforce.ibmcloud.com/vulnerabilities/3133

Trust: 2.7

url:http://www.cisco.com/

Trust: 0.3

sources: VULHUB: VHN-715 // BID: 87034 // CNNVD: CNNVD-199908-035 // NVD: CVE-1999-0734

CREDITS

Unknown

Trust: 0.3

sources: BID: 87034

SOURCES

db:VULHUBid:VHN-715
db:BIDid:87034
db:CNNVDid:CNNVD-199908-035
db:NVDid:CVE-1999-0734

LAST UPDATE DATE

2024-11-22T23:14:05.742000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-715date:2019-10-09T00:00:00
db:BIDid:87034date:1999-08-19T00:00:00
db:CNNVDid:CNNVD-199908-035date:2019-10-17T00:00:00
db:NVDid:CVE-1999-0734date:2024-11-20T23:29:20.810

SOURCES RELEASE DATE

db:VULHUBid:VHN-715date:1999-08-19T00:00:00
db:BIDid:87034date:1999-08-19T00:00:00
db:CNNVDid:CNNVD-199908-035date:1999-08-19T00:00:00
db:NVDid:CVE-1999-0734date:1999-08-19T04:00:00