3.5

CVE-2011-1424

EPSS 0.16%
Published 24.05.2011 23:55:02
Last modified 11.04.2025 00:51:21
Source security_alert@emc.com
Teams watchlist Login
Open Login

The default configuration of ExShortcut\Web.config in EMC SourceOne Email Management before 6.6 SP1, when the Mobile Services component is used, does not properly set the localOnly attribute of the trace element, which allows remote authenticated users to obtain sensitive information via ASP.NET Application Tracing.

Affected products Warnungen 0 Metrics 2 CWE 0 References 5

Data is provided by the National Vulnerability Database (NVD)

Emc ≫ Sourceone Email Management Version <= 6.6.0.1209

Microsoft ≫ Exchange

Emc ≫ Sourceone Email Management Version6.5.2.3668

Microsoft ≫ Exchange

Emc ≫ Sourceone Email Management Version <= 6.6.0.1209

Ibm ≫ Lotus Domino
Ibm ≫ Lotus Notes

Emc ≫ Sourceone Email Management Version6.5.2.3668

Ibm ≫ Lotus Domino
Ibm ≫ Lotus Notes

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.16%	0.337

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	3.5	6.8	2.9	AV:N/AC:M/Au:S/C:P/I:N/A:N

http://securityreason.com/securityalert/8258

http://www.securityfocus.com/archive/1/518003/100/0/threaded

https://nvd.nist.gov/vuln/detail/CVE-2011-1424

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2011-1424

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2011-1424

EUVD