Arbitrary Host ICMP Information Exposure in Cisco Products
CVE-1999-0524

Currently unrated

Key Information:

Vendor

Microsoft

Vendor
CVE Published:
1 August 1997

Badges

๐Ÿ‘พ Exploit Exists๐ŸŸก Public PoC๐ŸŸฃ EPSS 31%

What is CVE-1999-0524?

The vulnerability allows arbitrary hosts to send ICMP requests that reveal sensitive information, including netmask and timestamp data. This exposure can assist attackers in conducting reconnaissance and facilitate further attacks on the network. Proper configuration and monitoring are essential to mitigate the risks associated with this vulnerability.

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

References

EPSS Score

31% chance of being exploited in the next 30 days.

Timeline

  • ๐ŸŸก

    Public PoC available

  • ๐Ÿ‘พ

    Exploit known to exist

  • Vulnerability Reserved

  • Vulnerability published

.