{"api_version":"1","generated_at":"2026-04-23T06:59:54+00:00","cve":"CVE-1999-1126","urls":{"html":"https://cve.report/CVE-1999-1126","api":"https://cve.report/api/cve/CVE-1999-1126.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-1999-1126","nvd":"https://nvd.nist.gov/vuln/detail/CVE-1999-1126"},"summary":{"title":"CVE-1999-1126","description":"Cisco Resource Manager (CRM) 1.1 and earlier creates certain files with insecure permissions that allow local users to obtain sensitive configuration information including usernames, passwords, and SNMP community strings, from (1) swim_swd.log, (2) swim_debug.log, (3) dbi_debug.log, and (4) temporary files whose names begin with \"DPR_\".","state":"PUBLISHED","assigner":"mitre","published_at":"1999-12-31 05:00:00","updated_at":"2025-04-03 01:03:51"},"problem_types":["NVD-CWE-Other","n/a"],"metrics":[{"version":"2.0","source":"nvd@nist.gov","type":"Primary","score":"2.1","severity":"","vector":"AV:L/AC:L/Au:N/C:P/I:N/A:N","data":{"version":"2.0","vectorString":"AV:L/AC:L/Au:N/C:P/I:N/A:N","baseScore":2.1,"accessVector":"LOCAL","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE"}}],"references":[{"url":"http://ciac.llnl.gov/ciac/bulletins/i-086.shtml","name":"http://ciac.llnl.gov/ciac/bulletins/i-086.shtml","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Vendor Advisory"],"title":"Cisco CRM Temporary File Vulnerability","mime":"text/html","httpstatus":"-1","archivestatus":"200"},{"url":"http://www.cisco.com/warp/public/770/crmtmp-pub.shtml","name":"http://www.cisco.com/warp/public/770/crmtmp-pub.shtml","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Vendor Advisory"],"title":"Cisco - Field Notice: CRM Temporary File Vulnerability","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/1575","name":"https://exchange.xforce.ibmcloud.com/vulnerabilities/1575","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"IBM X-Force Exchange","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-1999-1126","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-1999-1126","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[{"source":"CNA","vendor":"n/a","product":"n/a","version":"affected n/a","platforms":[]}],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"1999","cve_id":"1126","vulnerable":"1","versionEndIncluding":"1.1","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"cisco","cpe5":"resource_manager","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"containers":{"adp":[{"providerMetadata":{"dateUpdated":"2024-08-01T17:02:53.668Z","orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE"},"references":[{"name":"I-086","tags":["third-party-advisory","government-resource","x_refsource_CIAC","x_transferred"],"url":"http://ciac.llnl.gov/ciac/bulletins/i-086.shtml"},{"name":"cisco-crm-file-vuln(1575)","tags":["vdb-entry","x_refsource_XF","x_transferred"],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/1575"},{"name":"19980813 CRM Temporary File Vulnerability","tags":["vendor-advisory","x_refsource_CISCO","x_transferred"],"url":"http://www.cisco.com/warp/public/770/crmtmp-pub.shtml"}],"title":"CVE Program Container"}],"cna":{"affected":[{"product":"n/a","vendor":"n/a","versions":[{"status":"affected","version":"n/a"}]}],"datePublic":"1998-08-13T00:00:00.000Z","descriptions":[{"lang":"en","value":"Cisco Resource Manager (CRM) 1.1 and earlier creates certain files with insecure permissions that allow local users to obtain sensitive configuration information including usernames, passwords, and SNMP community strings, from (1) swim_swd.log, (2) swim_debug.log, (3) dbi_debug.log, and (4) temporary files whose names begin with \"DPR_\"."}],"problemTypes":[{"descriptions":[{"description":"n/a","lang":"en","type":"text"}]}],"providerMetadata":{"dateUpdated":"2017-12-18T21:57:01.000Z","orgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","shortName":"mitre"},"references":[{"name":"I-086","tags":["third-party-advisory","government-resource","x_refsource_CIAC"],"url":"http://ciac.llnl.gov/ciac/bulletins/i-086.shtml"},{"name":"cisco-crm-file-vuln(1575)","tags":["vdb-entry","x_refsource_XF"],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/1575"},{"name":"19980813 CRM Temporary File Vulnerability","tags":["vendor-advisory","x_refsource_CISCO"],"url":"http://www.cisco.com/warp/public/770/crmtmp-pub.shtml"}],"x_legacyV4Record":{"CVE_data_meta":{"ASSIGNER":"cve@mitre.org","ID":"CVE-1999-1126","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"n/a","version":{"version_data":[{"version_value":"n/a"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"Cisco Resource Manager (CRM) 1.1 and earlier creates certain files with insecure permissions that allow local users to obtain sensitive configuration information including usernames, passwords, and SNMP community strings, from (1) swim_swd.log, (2) swim_debug.log, (3) dbi_debug.log, and (4) temporary files whose names begin with \"DPR_\"."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"n/a"}]}]},"references":{"reference_data":[{"name":"I-086","refsource":"CIAC","url":"http://ciac.llnl.gov/ciac/bulletins/i-086.shtml"},{"name":"cisco-crm-file-vuln(1575)","refsource":"XF","url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/1575"},{"name":"19980813 CRM Temporary File Vulnerability","refsource":"CISCO","url":"http://www.cisco.com/warp/public/770/crmtmp-pub.shtml"}]}}}},"cveMetadata":{"assignerOrgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","assignerShortName":"mitre","cveId":"CVE-1999-1126","datePublished":"2001-09-12T04:00:00.000Z","dateReserved":"2001-08-31T00:00:00.000Z","dateUpdated":"2024-08-01T17:02:53.668Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"},"nvd":{"publishedDate":"1999-12-31 05:00:00","lastModifiedDate":"2025-04-03 01:03:51","problem_types":["NVD-CWE-Other","n/a"],"metrics":{"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:L/AC:L/Au:N/C:P/I:N/A:N","baseScore":2.1,"accessVector":"LOCAL","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE"},"baseSeverity":"LOW","exploitabilityScore":3.9,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:resource_manager:*:*:*:*:*:*:*:*","versionEndIncluding":"1.1","matchCriteriaId":"28FD65FA-AF10-44E8-B13C-69CB4CA1A124"}]}]}]},"legacy_mitre":{"record":{"CveYear":"1999","CveId":"1126","Ordinal":"1","Title":"CVE-1999-1126","CVE":"CVE-1999-1126","Year":"1999"},"notes":[{"CveYear":"1999","CveId":"1126","Ordinal":"1","NoteData":"Cisco Resource Manager (CRM) 1.1 and earlier creates certain files with insecure permissions that allow local users to obtain sensitive configuration information including usernames, passwords, and SNMP community strings, from (1) swim_swd.log, (2) swim_debug.log, (3) dbi_debug.log, and (4) temporary files whose names begin with \"DPR_\".","Type":"Description","Title":"CVE-1999-1126"},{"CveYear":"1999","CveId":"1126","Ordinal":"2","NoteData":"2001-09-12","Type":"Other","Title":"Published"},{"CveYear":"1999","CveId":"1126","Ordinal":"3","NoteData":"2017-12-18","Type":"Other","Title":"Modified"}]}}}