Lucene search
HistoryOct 03, 2022 - 4:15 p.m.
CVE-2011-4142
web search
emc sourceone
email management
cve-2011-4142
security vulnerability
log files
cleartext credentials
2.1 Low
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:N/A:N
6 Medium
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
5.1%
The Web Search feature in EMC SourceOne Email Management 6.5 before 6.5.2.4033, 6.6 before 6.6.1.2194, and 6.7 before 6.7.2.2033 places cleartext credentials in log files, which allows local users to obtain sensitive information by reading these files.
Affected configurations
Node
emcsourceone_email_managementRange≤6.5.2.3668
ORemcsourceone_email_managementRange≤6.6.1.2108
ORemcsourceone_email_managementRange≤6.7.2.0017
ORemcsourceone_email_managementMatch6.5
ORemcsourceone_email_managementMatch6.6
ORemcsourceone_email_managementMatch6.6.0.1209
ORemcsourceone_email_managementMatch6.7
References
Related
securityvulns
securityvulns
EMC SourceOne information leakage
2012-01-21 00:00:00
prion
prion
Design/Logic Flaw
2012-01-19 11:55:00
nvd
nvd
CVE-2011-4142
2012-01-19 11:55:10
cvelist
cvelist
CVE-2011-4142
2022-10-03 16:15:13
2.1 Low
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:N/A:N
6 Medium
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
5.1%
Related for CVE-2011-4142