| Vulnerability Name: | CVE-1999-0755 (CCN-2243) | ||||||||
| Assigned: | 1999-05-27 | ||||||||
| Published: | 1999-05-27 | ||||||||
| Updated: | 2018-10-12 | ||||||||
| Summary: | Windows NT RRAS and RAS clients cache a user's password even if the user has not selected the "Save password" option. | ||||||||
| CVSS v3 Severity: | 5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
| ||||||||
| CVSS v2 Severity: | 5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N)
| ||||||||
| Vulnerability Type: | CWE-255 | ||||||||
| References: | Source: MITRE Type: CNA CVE-1999-0755 Source: MSKB Type: UNKNOWN Q230681 Source: CCN Type: Microsoft Product Support Services Windows NT Service Packs Source: CCN Type: Microsoft Security Bulletin MS99-017 Patch Available for 'RAS and RRAS Password' Vulnerability Source: CCN Type: OSVDB ID: 11409 Windows NT RRAS/RAS Client Persistent Password Caching Source: CCN Type: BID-232 NT RAS Dial-up Networking "Save Password" Vulnerability Source: MS Type: UNKNOWN MS99-017 Source: XF Type: UNKNOWN nt-ras-pwcache(2243) Source: CCN Type: Microsoft Knowledge Base Article 230681 DUN Credentials Cached When Save Password Not Selected with RAS Source: CCN Type: Microsoft Knowledge Base Article 233303 DUN Credentials Cached When Save Password Not Selected with RRAS | ||||||||
| Vulnerable Configuration: | Configuration 1: Configuration CCN 1:  Denotes that component is vulnerable | ||||||||
| BACK | |||||||||