Description

When a new SQL Server is registered in Enterprise Manager for Microsoft SQL Server 7.0 and the "Always prompt for login name and password" option is not set, then the Enterprise Manager uses weak encryption to store the login ID and password.

Remediation

References

CVE-2000-0199

Related Vulnerabilities

Python Missing Initialization of Resource Vulnerability (CVE-2018-14647)

MySQL CVE-2018-3278 Vulnerability (CVE-2018-3278)

Ruby on Rails Inefficient Regular Expression Complexity Vulnerability (CVE-2023-22795)

Squid Out-of-bounds Read Vulnerability (CVE-2022-41318)

Joomla Improper Input Validation Vulnerability (CVE-2015-8565)

Severity

High

Classification

CVE-2000-0199

Tags

Missing Update Known Vulnerabilities