CVE-2011-4142

The Web Search feature in EMC SourceOne Email Management 6.5 before 6.5.2.4033, 6.6 before 6.6.1.2194, and 6.7 before 6.7.2.2033 places cleartext credentials in log files, which allows local users to obtain sensitive information by reading these files.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
2.1 UNKNOWN
LOCAL
LOW
AV:L/AC:L/Au:N/C:P/I:N/A:N
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 17%
VendorProductVersion
emcsourceone_email_management
𝑥
≤ 6.5.2.3668
emcsourceone_email_management
𝑥
≤ 6.6.1.2108
emcsourceone_email_management
𝑥
≤ 6.7.2.0017
emcsourceone_email_management
6.5
emcsourceone_email_management
6.6
emcsourceone_email_management
6.6.0.1209
emcsourceone_email_management
6.7
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www.securityfocus.com/archive/1/521290
http://www.securityfocus.com/archive/1/521290