CVE-1999-1556

Summary

CVE-1999-1556 is a vulnerability affecting Microsoft SQL Server 6.5. The issue lies in the weak encryption used for the password of the SQLExecutiveCmdExec account, which is stored in an accessible portion of the registry. Local users can exploit this weakness by decrypting the CmdExecAccount value, thereby gaining elevated privileges. This vulnerability poses a significant risk to systems running the affected software and requires immediate attention to ensure security. Microsoft strongly recommends changing the password and implementing stronger encryption methods to mitigate this threat.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.