CVE Catalog

CVE-1999-1530

Low
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.37%

28th percentile — higher than 28% of all known CVEs

Summary

The vulnerability in cgiwrap used in Cobalt RaQ 2.0 and RaQ 3i involves improper user identification when running certain scripts. This allows a malicious site administrator to access data from another virtual site on the same system.

Risk Assessment

The risk involves the potential for unauthorized administrators to view or modify data, which can lead to breaches of confidentiality and data integrity.

Recommendation

It is recommended to update cgiwrap to the latest version and implement appropriate access control mechanisms to limit site administrators' capabilities.

Original NVD description (English source)

cgiwrap as used on Cobalt RaQ 2.0 and RaQ 3i does not properly identify the user for running certain scripts, which allows a malicious site administrator to view or modify data located at another virtual site on the same system.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS