CVE-2015-6843

The CVE-2015-6843 issue affects EMC SourceOne Email Supervisor before version 7.2, where the authentication mechanism does not properly limit login attempts. This weakness enables brute-force remote access by an attacker targeting the affected system. While multiple sources (NVD and CNVD family e...

CVE-2015-6844

The provided data confirms a Cross-site scripting (XSS) vulnerability in the Reviewer component of EMC SourceOne Email Supervisor before version 7.2. The issue allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, enabling possible browser-context execution. The ...

CVE-2015-6845

CVE-2015-6845 affects EMC SourceOne Email Supervisor prior to version 7.2. The issue is that session IDs are not generated with adequate randomness, enabling remote attackers to guess a valid session ID and gain access. The NVD lists a base score of 7.5 (HIGH) with network attack vector and low a...

CVE-2015-6846

EMC SourceOne Email Supervisor prior to version 7.2 contains hardcoded encryption keys, enabling an attacker to gain access by inspecting cryptographic operations in the program. This CVE (CVE-2015-6846) is documented in multiple feeds (NVD, CVE listings) with a common description of hardcoded ke...