CVE-1999-0372

Summary

CVE-1999-0372 is a vulnerability affecting the installer for BackOffice Server. The issue arises from the installer failing to delete a setup file named reboot.ini after installation is complete. This file contains account names and passwords in plaintext, posing a significant risk if it falls into the wrong hands. An unauthorized user gaining access to this information could potentially use it to compromise the system by logging in with administrative privileges. This vulnerability highlights the importance of securely handling sensitive information during and after the installation process.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.