Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveMitreCVE-2011-4142
HistoryJan 19, 2012 - 11:55 a.m.

CVE-2011-4142

2012-01-1911:55:10
CWE-255
mitre
web.nvd.nist.gov
20
web search
emc sourceone
email management
cve-2011-4142
security vulnerability
log files
cleartext credentials

CVSS2

2.1

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

AI Score

6

Confidence

Low

EPSS

0

Percentile

5.1%

JSON

The Web Search feature in EMC SourceOne Email Management 6.5 before 6.5.2.4033, 6.6 before 6.6.1.2194, and 6.7 before 6.7.2.2033 places cleartext credentials in log files, which allows local users to obtain sensitive information by reading these files.

Affected configurations

Nvd
Node
emcsourceone_email_managementRange6.5.2.3668
OR
emcsourceone_email_managementRange6.6.1.2108
OR
emcsourceone_email_managementRange6.7.2.0017
OR
emcsourceone_email_managementMatch6.5
OR
emcsourceone_email_managementMatch6.6
OR
emcsourceone_email_managementMatch6.6.0.1209
OR
emcsourceone_email_managementMatch6.7
VendorProductVersionCPE
emcsourceone_email_management*cpe:2.3:a:emc:sourceone_email_management:*:*:*:*:*:*:*:*
emcsourceone_email_management6.5cpe:2.3:a:emc:sourceone_email_management:6.5:*:*:*:*:*:*:*
emcsourceone_email_management6.6cpe:2.3:a:emc:sourceone_email_management:6.6:*:*:*:*:*:*:*
emcsourceone_email_management6.6.0.1209cpe:2.3:a:emc:sourceone_email_management:6.6.0.1209:*:*:*:*:*:*:*
emcsourceone_email_management6.7cpe:2.3:a:emc:sourceone_email_management:6.7:*:*:*:*:*:*:*

Related

securityvulns 2
cvelist 1
nvd 1
prion 1
securityvulns
securityvulns
ESA-2012-003: EMC SourceOne Web Search Sensitive Information Disclosure Vulnerability.
2012-01-21 00:00:00
EMC SourceOne information leakage
2012-01-21 00:00:00
cvelist
cvelist
CVE-2011-4142
2012-01-19 11:00:00
nvd
nvd
CVE-2011-4142
2012-01-19 11:55:10
prion
prion
Design/Logic Flaw
2012-01-19 11:55:00

CVSS2

2.1

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

AI Score

6

Confidence

Low

EPSS

0

Percentile

5.1%

JSON
Related for CVE-2011-4142
securityvulns2cvelist1nvd1prion1