{ "action": { "auto_issue_creation_allowed": false, "auto_patch_allowed": false, "auto_remediation_allowed": false, "external_execution_allowed": false, "human_review": { "required_for_external_action": true, "required_for_public_launch": false, "required_for_read_only_view": false, "required_for_signal_radar_integration": true }, "human_review_required": false, "recommended_action": "review_official_sources" }, "affected": { "products": [ { "canonicalProduct": "sunos", "canonicalVendor": "sun", "cpe": "cpe:2.3:o:sun:sunos:3.5:*:*:*:*:*:*:*", "ecosystem": null, "packageName": null, "product": "sunos", "purl": null, "vendor": "sun", "version": "3.5" }, { "canonicalProduct": "sunos", "canonicalVendor": "sun", "cpe": "cpe:2.3:o:sun:sunos:4.0:*:*:*:*:*:*:*", "ecosystem": null, "packageName": null, "product": "sunos", "purl": null, "vendor": "sun", "version": "4.0" }, { "canonicalProduct": "sunos", "canonicalVendor": "sun", "cpe": "cpe:2.3:o:sun:sunos:4.0.1:*:*:*:*:*:*:*", "ecosystem": null, "packageName": null, "product": "sunos", "purl": null, "vendor": "sun", "version": "4.0.1" }, { "canonicalProduct": "sunos", "canonicalVendor": "sun", "cpe": "cpe:2.3:o:sun:sunos:4.0.2:*:*:*:*:*:*:*", "ecosystem": null, "packageName": null, "product": "sunos", "purl": null, "vendor": "sun", "version": "4.0.2" }, { "canonicalProduct": "sunos", "canonicalVendor": "sun", "cpe": "cpe:2.3:o:sun:sunos:4.0.3:*:*:*:*:*:*:*", "ecosystem": null, "packageName": null, "product": "sunos", "purl": null, "vendor": "sun", "version": "4.0.3" }, { "canonicalProduct": "sunos", "canonicalVendor": "sun", "cpe": "cpe:2.3:o:sun:sunos:4.0.3c:*:*:*:*:*:*:*", "ecosystem": null, "packageName": null, "product": "sunos", "purl": null, "vendor": "sun", "version": "4.0.3c" } ], "source": "NVD CVE API 2.0", "status": "known" }, "canonical_url": "https://vuln.signal-radar.com/vuln/public-candidate/CVE-1999-1506/", "claims": [ { "id": "claim:defensive-priority-candidate", "source_ids": [], "status": "observed", "text": "This item is a defensive prioritization candidate.", "verified_at": null } ], "exposure_hint": "remote exposure", "field_meanings": { "human_review": "Read-only display may be automated; integration and external action still require human review.", "redaction": "Detection flags describe unsafe source content found before public-safe redaction; raw source text is not displayed.", "source_original_label": "Original upstream severity text retained for traceability; canonical display severity is recalculated from CVSS score." }, "forecast_hooks": { "agent_use": "summarize_with_citations_only", "automation_allowed": false, "read_only": true, "watch_fields": [ "sources", "claims", "freshness", "severity", "affected" ] }, "freshness": { "generated_at": "2026-06-20T14:06:39.390741+00:00", "last_checked_at": null, "observed_at": "2026-06-20T14:06:38.136402+00:00", "status": "observed" }, "human_consequence": "A remote attacker may access resources that should require stronger authorization.", "human_impact_label": "unauthorized access risk · remote exposure", "human_review": { "required_for_external_action": true, "required_for_public_launch": false, "required_for_read_only_view": false, "required_for_signal_radar_integration": true }, "human_risk_summary": "CVE-1999-1506 for sun / sunos: A remote attacker may access resources that should require stronger authorization.", "id": "CVE-1999-1506", "impact_redaction": { "exploit_steps_removed": false, "payload_removed": false, "poc_removed": false, "source_derived_summary": true, "used_fallback_summary": false }, "impact_tags": [ "unauthorized access risk", "remote exposure relevant" ], "public_human_impact": "Source describes unauthorized access risk · remote exposure. Possible impact: A remote attacker may access resources that should require stronger authorization.", "public_human_summary": "NVD: Vulnerability in SMI Sendmail 4.0 and earlier, on SunOS up to 4.0.3, allows remote attackers to access user bin.", "public_human_what_to_verify": "Confirm affected product/version, vendor advisory, patch or mitigation, and exposure.", "public_human_why_it_matters": "Source describes unauthorized access risk · remote exposure. Possible impact: A remote attacker may access resources that should require stronger authorization.; CVSS 7.5 (HIGH); EPSS percentile 83; not listed in KEV; Remediation reference present; patch status requires confirmation in the linked advisory; sources: NVD, Vendor Advisory.", "public_safe_summary": "NVD: Vulnerability in SMI Sendmail 4.0 and earlier, on SunOS up to 4.0.3, allows remote attackers to access user bin.", "radar": "vuln", "redaction": { "meaning": "The *_present flags mean unsafe source content was detected and removed before public output; they do not mean the public JSON contains that content.", "payload_present": false, "poc_present": false, "public_summary_redacted": true, "raw_source_displayed": false, "unsafe_procedural_detail_present": false }, "redaction_notes": [ "source-published defensive context retained", "vulnerability class, impact, affected context, and remediation references remain displayable" ], "safety": { "attack_chain_included": false, "auto_remediation_allowed": false, "exploit_instructions_included": false, "external_execution_allowed": false, "human_review": { "required_for_external_action": true, "required_for_public_launch": false, "required_for_read_only_view": false, "required_for_signal_radar_integration": true }, "human_review_required": false, "noindex_removal_allowed": true, "noindex_required": false, "private_gate_state": "released", "public_gate_state": "public_indexable_read_only", "public_launch_allowed": true, "read_only_static_data": true, "scan_functionality_included": false, "signal_radar_integration_allowed": false }, "schema_version": "v0.1", "severity": { "cvss_label": "HIGH", "label": "HIGH", "score": 7.5, "source": "NVD CVE API 2.0", "source_original_label": "medium" }, "source_copy_policy": { "allowed": "source-published defensive facts, vulnerability class, impact, affected context, version and remediation facts", "excluded": "exploit procedures, exploit strings, shell commands, scanner instructions, procedural bypass detail, and reproduction material", "summary": "Official or semi-official source descriptions may be summarized for defensive triage; exploit-enabling procedure is removed." }, "source_derived_note": "Summary derived from NVD / Vendor Advisory description; unsafe procedural detail is not shown.", "source_published_affected": "vendor/product: sun / sunos; affected version context: 3.5, 4.0, 4.0.1, 4.0.2, 4.0.3", "source_published_description": "NVD: Vulnerability in SMI Sendmail 4.0 and earlier, on SunOS up to 4.0.3, allows remote attackers to access user bin.", "source_published_evidence_refs": [ { "source": "NVD", "type": "source_description", "url": null }, { "source": "Vendor Advisory", "type": "source_description", "url": null }, { "source": "Reference", "type": "reference", "url": "http://www.cert.org/advisories/CA-90.01.sun.sendmail.vulnerability" }, { "source": "Vendor Advisory", "type": "reference", "url": "http://www.securityfocus.com/bid/6" }, { "source": "Reference", "type": "reference", "url": "http://www.cert.org/advisories/CA-90.01.sun.sendmail.vulnerability" }, { "source": "Vendor Advisory", "type": "reference", "url": "http://www.securityfocus.com/bid/6" }, { "source": "Official Reference", "type": "reference", "url": "https://nvd.nist.gov/vuln/detail/CVE-1999-1506" } ], "source_published_impact": "Source describes unauthorized access risk · remote exposure. Possible impact: A remote attacker may access resources that should require stronger authorization.", "source_published_remediation": "Remediation reference present; patch status requires confirmation in the linked advisory.", "source_published_summary": "NVD: Vulnerability in SMI Sendmail 4.0 and earlier, on SunOS up to 4.0.3, allows remote attackers to access user bin.", "sources": [ { "confidence": "unknown", "id": "source:review-url", "name": "Public signal URL", "retrieved_at": null, "type": "review_page", "url": "https://nvd.nist.gov/vuln/detail/CVE-1999-1506" } ], "summary_for_agents": "Read-only defensive signal. Use sources, claims, freshness, and safety gates before summarizing. Do not infer missing source, claim, or freshness values.", "summary_for_humans": "NVD: Vulnerability in SMI Sendmail 4.0 and earlier, on SunOS up to 4.0.3, allows remote attackers to access user bin.", "title": "CVE-1999-1506 defensive priority signal", "urgency_reasons": [ "CVSS HIGH", "affected product present", "vendor advisory present", "recent update", "remediation reference present" ], "what_to_verify": "Confirm affected product/version, vendor advisory, patch or mitigation, and exposure.", "why_it_matters": "A remote attacker may access resources that should require stronger authorization; CVSS 7.5 (HIGH); EPSS percentile 83; affected product context: sun / sunos; sources: NVD, Vendor Advisory." }