CVE Catalog
CVE-1999-0372
LowExploitation Probability (EPSS)
High risk4.19%
90th percentile — higher than 90% of all known CVEs
Summary
The installer for BackOffice Server includes account names and passwords in a setup file (reboot.ini) which is not deleted after installation.
Risk Assessment
The retention of this information in the configuration file poses a risk of unauthorized access to user accounts, potentially leading to serious security breaches.
Recommendation
It is recommended to delete the reboot.ini file after installation and secure access to configuration files.
Original NVD description (English source)
The installer for BackOffice Server includes account names and passwords in a setup file (reboot.ini) which is not deleted.

