Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-4142

Overview

Vulnerability Score 2.1 2.1
CVE Id CVE-2011-4142
Last Modified 19 Jan 2012 12:00:00
Published 19 Jan 2012 06:55:10
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2011-4142

Summary

The Web Search feature in EMC SourceOne Email Management 6.5 before 6.5.2.4033, 6.6 before 6.6.1.2194, and 6.7 before 6.7.2.2033 places cleartext credentials in log files, which allows local users to obtain sensitive information by reading these files.

Vulnerable Systems

Application

  • Emc Sourceone Email Management 6.5

  • Emc Sourceone Email Management 6.5.2.3668

  • Emc Sourceone Email Management 6.6

  • Emc Sourceone Email Management 6.6.0.1209

  • Emc Sourceone Email Management 6.6.1.2108

  • Emc Sourceone Email Management 6.7

  • Emc Sourceone Email Management 6.7.2.0017


References

BUGTRAQ - 20120117 ESA-2012-003: EMC SourceOne Web Search Sensitive Information Disclosure Vulnerability.


Last Updated: 27 May 2016 10:58:05