3.5

CVE-2011-1424

EPSS 0.16%
Veröffentlicht 24.05.2011 23:55:02
Zuletzt bearbeitet 11.04.2025 00:51:21
Quelle security_alert@emc.com
Teams Watchlist Login
Unerledigt Login

The default configuration of ExShortcut\Web.config in EMC SourceOne Email Management before 6.6 SP1, when the Mobile Services component is used, does not properly set the localOnly attribute of the trace element, which allows remote authenticated users to obtain sensitive information via ASP.NET Application Tracing.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 5

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Emc ≫ Sourceone Email Management Version <= 6.6.0.1209

Microsoft ≫ Exchange

Emc ≫ Sourceone Email Management Version6.5.2.3668

Microsoft ≫ Exchange

Emc ≫ Sourceone Email Management Version <= 6.6.0.1209

Ibm ≫ Lotus Domino
Ibm ≫ Lotus Notes

Emc ≫ Sourceone Email Management Version6.5.2.3668

Ibm ≫ Lotus Domino
Ibm ≫ Lotus Notes

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.16%	0.337

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	3.5	6.8	2.9	AV:N/AC:M/Au:S/C:P/I:N/A:N

http://securityreason.com/securityalert/8258

http://www.securityfocus.com/archive/1/518003/100/0/threaded

https://nvd.nist.gov/vuln/detail/CVE-2011-1424

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2011-1424

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2011-1424

EUVD