CVE-2011-1424

CVE Database · CVE-2011-1424

CVE-2011-1424

· N/AModified

CVSS v3.1

N/A

EPSS

0.77%

Published

May 24, 2011

Modified

Apr 28, 2026

Public PoC / Exploit

All weaponized →

No public PoC or exploit code indexed for this CVE.

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

The default configuration of ExShortcut\Web.config in EMC SourceOne Email Management before 6.6 SP1, when the Mobile Services component is used, does not properly set the localOnly attribute of the trace element, which allows remote authenticated users to obtain sensitive information via ASP.NET Application Tracing.

Weaknesses (CWE)

CWE-16

Affected Products (7)

emc · sourceone_email_managementvulnerable

microsoft · exchange

emc · sourceone_email_managementvulnerable

ibm · lotus_domino

ibm · lotus_notes

References (4)

http://securityreason.com/securityalert/8258

http://www.securityfocus.com/archive/1/518003/100/0/threaded

http://securityreason.com/securityalert/8258

http://www.securityfocus.com/archive/1/518003/100/0/threaded

KEV Catalog EPSS Scores Vendors All CVEs