Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-1424


Vulnerability Score 3.5 3.5
CVE Id CVE-2011-1424
Last Modified 21 Sep 2011 11:30:13
Published 24 May 2011 07:55:02
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication SINGLE_INSTANCE



The default configuration of ExShortcut\Web.config in EMC SourceOne Email Management before 6.6 SP1, when the Mobile Services component is used, does not properly set the localOnly attribute of the trace element, which allows remote authenticated users to obtain sensitive information via ASP.NET Application Tracing.

Vulnerable Systems


  • Emc Sourceone Email Management

  • Emc Sourceone Email Management


BUGTRAQ - 20110513 ESA-2011-016: EMC SourceOne ASP.NET application tracing information disclosure vulnerability

SREASON - 8258

Last Updated: 27 May 2016 10:56:19