Details of VAR-199908-0018

ID

VAR-199908-0018

CVE

CVE-1999-0734

TITLE

CiscoSecure Access control server (ACS) The authorization issue vulnerability is configured by default.

Trust: 0.6

sources: CNNVD: CNNVD-199908-035

DESCRIPTION

A default configuration of CiscoSecure Access Control Server (ACS) allows remote users to modify the server database without authentication. Attackers can exploit this issue to perform unauthorized actions. This may aid in further attacks

Trust: 1.26

sources: NVD: CVE-1999-0734 // BID: 87034 // VULHUB: VHN-715

AFFECTED PRODUCTS

vendor:	cisco	model:	ciscosecure	scope:	eq	version:	*	Trust: 1.0
vendor:	cisco	model:	ciscosecure	scope:	-	version:	-	Trust: 0.6

sources: CNNVD: CNNVD-199908-035 // NVD: CVE-1999-0734

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-1999-0734
value:	HIGH
Trust: 1.0
CNNVD:	CNNVD-199908-035
value:	HIGH
Trust: 0.6
VULHUB:	VHN-715
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-1999-0734
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.0
VULHUB:	VHN-715
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: VULHUB: VHN-715 // CNNVD: CNNVD-199908-035 // NVD: CVE-1999-0734

PROBLEMTYPE DATA

problemtype:

NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-1999-0734

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-199908-035

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-199908-035

EXTERNAL IDS

db:	NVD	id:	CVE-1999-0734	Trust: 2.0
db:	CNNVD	id:	CNNVD-199908-035	Trust: 0.7
db:	BID	id:	87034	Trust: 0.4
db:	VULHUB	id:	VHN-715	Trust: 0.1

sources: VULHUB: VHN-715 // BID: 87034 // CNNVD: CNNVD-199908-035 // NVD: CVE-1999-0734

REFERENCES

url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-19990819-dbaccess	Trust: 1.7
url:	https://exchange.xforce.ibmcloud.com/vulnerabilities/3133	Trust: 1.7
url:	http://www.cisco.com/	Trust: 0.3

sources: VULHUB: VHN-715 // BID: 87034 // CNNVD: CNNVD-199908-035 // NVD: CVE-1999-0734

CREDITS

Unknown

Trust: 0.3

sources: BID: 87034

SOURCES

db:	VULHUB	id:	VHN-715
db:	BID	id:	87034
db:	CNNVD	id:	CNNVD-199908-035
db:	NVD	id:	CVE-1999-0734

LAST UPDATE DATE

2024-08-14T15:25:53.212000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-715	date:	2019-10-09T00:00:00
db:	BID	id:	87034	date:	1999-08-19T00:00:00
db:	CNNVD	id:	CNNVD-199908-035	date:	2019-10-17T00:00:00
db:	NVD	id:	CVE-1999-0734	date:	2019-10-09T22:43:07.980

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-715	date:	1999-08-19T00:00:00
db:	BID	id:	87034	date:	1999-08-19T00:00:00
db:	CNNVD	id:	CNNVD-199908-035	date:	1999-08-19T00:00:00
db:	NVD	id:	CVE-1999-0734	date:	1999-08-19T04:00:00