CVE Catalog

CVE-1999-0372

Low
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

High risk
4.19%

90th percentile — higher than 90% of all known CVEs

Summary

The installer for BackOffice Server includes account names and passwords in a setup file (reboot.ini) which is not deleted after installation.

Risk Assessment

The retention of this information in the configuration file poses a risk of unauthorized access to user accounts, potentially leading to serious security breaches.

Recommendation

It is recommended to delete the reboot.ini file after installation and secure access to configuration files.

Original NVD description (English source)

The installer for BackOffice Server includes account names and passwords in a setup file (reboot.ini) which is not deleted.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS