Vulnerability Details CVE-2015-6846
EMC SourceOne Email Supervisor before 7.2 uses hardcoded encryption keys, which makes it easier for attackers to obtain access by examining how a program's code conducts cryptographic operations.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 40.0%
CVSS Severity
CVSS v2 Score 6.8
References
- http://packetstormsecurity.com/files/133922/EMC-SourceOne-Email-Supervisor-XSS-Session-Hijacking.html
- http://seclists.org/bugtraq/2015/Oct/58
- http://www.securitytracker.com/id/1033787
- http://packetstormsecurity.com/files/133922/EMC-SourceOne-Email-Supervisor-XSS-Session-Hijacking.html
- http://seclists.org/bugtraq/2015/Oct/58
- http://www.securitytracker.com/id/1033787
Products affected by CVE-2015-6846
-
cpe:2.3:a:emc:sourceone_email_supervisor:*