CVE-2011-1424

EMC SourceOne Email Management (before 6.6 SP1) with Mobile Services enabled contains a trace/configuration flaw in ExShortcut/Web.config: the trace element localOnly flag is not set to true. This enables the ASP.NET Application Tracing file to potentially disclose application-sensitive informati...

CVE-2015-0531

CVE-2015-0531 affects EMC SourceOne Email Management prior to version 7.2, where there is no account lockout after invalid login attempts. This design enables brute-force attempts to gain access to user accounts. The NVD notes a MEDIUM severity (CVSS v2 base score 5.0) with network access and no ...

CVE-2011-4142

The CVE-2011-4142 issue affects EMC SourceOne Email Management’s Web Search feature (versions 6.5 prior to 6.5.2.4033; 6.6 prior to 6.6.1.2194; 6.7 prior to 6.7.2.2033). According to connected sources, the vulnerability causes cleartext credentials to be written to OS log files, enabling local us...