Vulnerability Description
The installation of 1ArcServe Backup and Inoculan AV client modules for Exchange create a log file, exchverify.log, which contains usernames and passwords in plaintext.
CVSS Score
4.6
MEDIUM
AV:L/AC:L/Au:N/C:P/I:P/A:P
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Broadcom | Arcserve Backup | All versions |
| Broadcom | Inoculan | All versions |
| Microsoft | Exchange Server | All versions |
References
- http://marc.info/?l=ntbugtraq&m=91096758513985&w=2
- http://marc.info/?l=ntbugtraq&m=91133714919229&w=2
- http://marc.info/?l=ntbugtraq&m=91096758513985&w=2
- http://marc.info/?l=ntbugtraq&m=91133714919229&w=2
FAQ
What is CVE-1999-1322?
CVE-1999-1322 is a vulnerability with a CVSS score of 4.6 (MEDIUM). The installation of 1ArcServe Backup and Inoculan AV client modules for Exchange create a log file, exchverify.log, which contains usernames and passwords in plaintext.
How severe is CVE-1999-1322?
CVE-1999-1322 has been rated MEDIUM with a CVSS base score of 4.6/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-1999-1322?
Check the references section above for vendor advisories and patch information. Affected products include: Broadcom Arcserve Backup, Broadcom Inoculan, Microsoft Exchange Server.