Vulnerability Description
Reviewer in EMC SourceOne Email Supervisor before 7.2 does not properly limit attempts to authenticate, which makes it easier for remote attackers to obtain access via a brute-force approach.
CVSS Score
5.0
MEDIUM
AV:N/AC:L/Au:N/C:P/I:N/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Emc | Sourceone Email Supervisor | <= 7.1 |
Related Weaknesses (CWE)
References
- http://packetstormsecurity.com/files/133922/EMC-SourceOne-Email-Supervisor-XSS-SThird Party Advisory
- http://seclists.org/bugtraq/2015/Oct/58Mailing List
- http://www.securitytracker.com/id/1033787Third Party AdvisoryVDB Entry
- http://packetstormsecurity.com/files/133922/EMC-SourceOne-Email-Supervisor-XSS-SThird Party Advisory
- http://seclists.org/bugtraq/2015/Oct/58Mailing List
- http://www.securitytracker.com/id/1033787Third Party AdvisoryVDB Entry
FAQ
What is CVE-2015-6843?
CVE-2015-6843 is a vulnerability with a CVSS score of 5.0 (MEDIUM). Reviewer in EMC SourceOne Email Supervisor before 7.2 does not properly limit attempts to authenticate, which makes it easier for remote attackers to obtain access via a brute-force approach.
How severe is CVE-2015-6843?
CVE-2015-6843 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2015-6843?
Check the references section above for vendor advisories and patch information. Affected products include: Emc Sourceone Email Supervisor.