Design/Logic Flaw

2012-01-1911:55:00

PRIOn knowledge base

www.prio-n.com

6.4 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

5.1%

JSON

The Web Search feature in EMC SourceOne Email Management 6.5 before 6.5.2.4033, 6.6 before 6.6.1.2194, and 6.7 before 6.7.2.2033 places cleartext credentials in log files, which allows local users to obtain sensitive information by reading these files.

CPENameOperatorVersion
sourceone_email_managementle6.6.1.2108
sourceone_email_managementeq6.7
sourceone_email_managementeq6.6
sourceone_email_managementle6.5.2.3668
sourceone_email_managementeq6.5
sourceone_email_managementeq6.6.0.1209
sourceone_email_managementle6.7.2.0017

Name	Operator	Version
sourceone_email_management	le	6.6.1.2108
sourceone_email_management	eq	6.7
sourceone_email_management	eq	6.6
sourceone_email_management	le	6.5.2.3668
sourceone_email_management	eq	6.5
sourceone_email_management	eq	6.6.0.1209
sourceone_email_management	le	6.7.2.0017

References

www.securityfocus.com/archive/1/521290