CVE-2011-4142

EUVD-2011-4085
The Web Search feature in EMC SourceOne Email Management 6.5 before 6.5.2.4033, 6.6 before 6.6.1.2194, and 6.7 before 6.7.2.2033 places cleartext credentials in log files, which allows local users to obtain sensitive information by reading these files.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
2.1 UNKNOWN
LOCAL
LOW
AV:L/AC:L/Au:N/C:P/I:N/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 17%
Affected Products (NVD)
VendorProductVersion
emcsourceone_email_management
𝑥
≤ 6.5.2.3668
emcsourceone_email_management
𝑥
≤ 6.6.1.2108
emcsourceone_email_management
𝑥
≤ 6.7.2.0017
emcsourceone_email_management
6.5
emcsourceone_email_management
6.6
emcsourceone_email_management
6.6.0.1209
emcsourceone_email_management
6.7
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www.securityfocus.com/archive/1/521290
http://www.securityfocus.com/archive/1/521290