NVD

Id
8365  
Name
CVE-2011-1424  
Description
The default configuration of ExShortcutWeb.config in EMC SourceOne Email Management before 6.6 SP1, when the Mobile Services component is used, does not properly set the localOnly attribute of the trace element, which allows remote authenticated users to obtain sensitive information via ASP.NET Application Tracing.  
Reject
 
CVSS Version
2  
CVSS Score
3.5  
Severity
Low  
CVSS Base Score
3.5  
CVSS Impact Subscore
2.9  
CVSS Exploit Subscore
6.8  
CVSS Vector
(AV:N/AC:M/Au:S/C:P/I:N/A:N)  
Pub Date
2017-01-07  
Published
2011-05-24  
Modified Date
2011-09-21  
Seq
2011-1424  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
47916 8365 CVE-2011-1424 8258  View
47917 8365 CVE-2011-1424 20110513 ESA-2011-016: EMC SourceOne ASP.NET application tracing information disclosure vulnerability  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
34148 JVNDB-2011-004390 EMC SourceOne Email Management の初期設定における重要な情報を取得される脆弱性 EMC SourceOne Email Management の ExShortcutWeb.config の初期設定は、Mobile Services コンポーネントが使用される際、trace 要素の localOnly 属性を適切に設定しないため、重要な情報を取得される脆弱性が存在します。 CVE-2011-1424 49331 CVE-2011-1424 8365 3.5 http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-004390.html 2011-05-24 2012-03-27 View