CVE-1999-1428
CVE-1999-1428 is a medium-severity vulnerability in Sun Solstice Adminsuite with a CVSS 2.0 base score of 6.2. It is not currently listed as actively exploited by CISA, and its EPSS exploit-prediction score is low.
Key facts
- Severity: Medium (CVSS 2.0 base score 6.2)
- EPSS exploit prediction: 0% (20th percentile)
- Actively exploited: Not listed in CISA KEV
- Affected product: Sun Solstice Adminsuite
- Published:
- Last modified:
Description
Solaris Solstice AdminSuite (AdminSuite) 2.1 and 2.2 allows local users to gain privileges via the save option in the Database Manager, which is running with setgid bin privileges.
Frequently asked questions
- What is CVE-1999-1428?
- Solaris Solstice AdminSuite (AdminSuite) 2.1 and 2.2 allows local users to gain privileges via the save option in the Database Manager, which is running with setgid bin privileges.
- How severe is CVE-1999-1428?
- CVE-1999-1428 has a CVSS 2.0 base score of 6.2, rated medium severity.
- Is CVE-1999-1428 being actively exploited?
- It is not currently listed in CISA's KEV catalog. Its EPSS exploit-prediction score is 0% (20th percentile), an estimate of the probability of exploitation in the next 30 days.
- What products are affected by CVE-1999-1428?
- CVE-1999-1428 primarily affects Sun Solstice Adminsuite. In total, 4 product configurations (CPEs) are listed as vulnerable; see the affected-products list for the exact versions.
- How do I fix CVE-1999-1428?
- Review the linked vendor and NVD advisories for patched versions and mitigations, then upgrade or apply the recommended workaround.
- When was CVE-1999-1428 published?
- CVE-1999-1428 was published on 1997-11-10 and last updated on 2026-06-16.
References
- http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/145
- http://www.securityfocus.com/bid/208
Affected products (4)
- cpe:2.3:a:sun:solstice_adminsuite:2.1:*:*:*:*:*:*:*
- cpe:2.3:a:sun:solstice_adminsuite:2.1:*:x86:*:*:*:*:*
- cpe:2.3:a:sun:solstice_adminsuite:2.2:*:*:*:*:*:*:*
- cpe:2.3:a:sun:solstice_adminsuite:2.2:*:x86:*:*:*:*:*
More vulnerabilities in Sun Solstice Adminsuite
- CVE-1999-1427 — Medium (CVSS 6.2): Solaris Solstice AdminSuite (AdminSuite) 2.1 and 2.2 create lock files insecurely, which allows local users to gain…
- CVE-1999-1425 — Medium (CVSS 6.2): Solaris Solstice AdminSuite (AdminSuite) 2.1 incorrectly sets write permissions on source files for NIS maps, which…
- CVE-1999-1424 — Medium (CVSS 6.2): Solaris Solstice AdminSuite (AdminSuite) 2.1 uses unsafe permissions when adding new users to the NIS+ password table,…
- CVE-1999-1426 — Medium (CVSS 6.2): Solaris Solstice AdminSuite (AdminSuite) 2.1 follows symbolic links when updating an NIS database, which allows local…