CVE-1999-0993

CVSS 2.0 Score 7.5 of 10 (high)

Details

Published Dec 13, 1999

Updated: Nov 20, 2024

CWE ID 665

Summary

CVE-1999-0993 is a vulnerability affecting Microsoft Exchange Server 5.5. Hackers can exploit this issue by modifying Access Control Lists (ACLs) without proper authorization, but the changes will not take effect until the directory store cache is refreshed. This creates a window of opportunity for unauthorized access or data manipulation. System administrators must refresh the cache manually to apply the new ACLs and mitigate this risk. Failure to do so could result in serious security consequences.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Microsoft Exchange Server

Affected Vendors

Microsoft

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/NWlUaw
https://www.cve.org/CVERecord?id=CVE-1999-0993
https://nvd.nist.gov/vuln/detail/CVE-1999-0993

Back to Vulnerability Database