CVE-2011-4142

2012-01-1911:55:10

CWE-255

[email protected]

web.nvd.nist.gov

CVSS2

2.1

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

AI Score

5.9

Confidence

Low

EPSS

Percentile

5.1%

JSON

The Web Search feature in EMC SourceOne Email Management 6.5 before 6.5.2.4033, 6.6 before 6.6.1.2194, and 6.7 before 6.7.2.2033 places cleartext credentials in log files, which allows local users to obtain sensitive information by reading these files.

Affected configurations

Nvd

Node

emcsourceone_email_managementRange≤6.5.2.3668

emcsourceone_email_managementRange≤6.6.1.2108

emcsourceone_email_managementRange≤6.7.2.0017

emcsourceone_email_managementMatch6.5

emcsourceone_email_managementMatch6.6

emcsourceone_email_managementMatch6.6.0.1209

emcsourceone_email_managementMatch6.7

VendorProductVersionCPE
emcsourceone_email_management*cpe:2.3:a:emc:sourceone_email_management:*:*:*:*:*:*:*:*
emcsourceone_email_management6.5cpe:2.3:a:emc:sourceone_email_management:6.5:*:*:*:*:*:*:*
emcsourceone_email_management6.6cpe:2.3:a:emc:sourceone_email_management:6.6:*:*:*:*:*:*:*
emcsourceone_email_management6.6.0.1209cpe:2.3:a:emc:sourceone_email_management:6.6.0.1209:*:*:*:*:*:*:*
emcsourceone_email_management6.7cpe:2.3:a:emc:sourceone_email_management:6.7:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
emc	sourceone_email_management	*	cpe:2.3:a:emc:sourceone_email_management::::::::
emc	sourceone_email_management	6.5	cpe:2.3:a:emc:sourceone_email_management:6.5:::::::*
emc	sourceone_email_management	6.6	cpe:2.3:a:emc:sourceone_email_management:6.6:::::::*
emc	sourceone_email_management	6.6.0.1209	cpe:2.3:a:emc:sourceone_email_management:6.6.0.1209:::::::*
emc	sourceone_email_management	6.7	cpe:2.3:a:emc:sourceone_email_management:6.7:::::::*