Web application abuses : Synchrologic Email Accelerator User Account Information Disclosure

Vulnerability Search		Search 324607 CVE descriptions and 145615 test descriptions, access 10,000+ cross references.
	Tests CVE All

Test ID: 1.3.6.1.4.1.25623.1.0.11657

Category: Web application abuses

Title: Synchrologic Email Accelerator User Account Information Disclosure

Summary: Synchrologic Email Accelerator is prone to an information; disclosure vulnerability.

Description: Summary:
Synchrologic Email Accelerator is prone to an information
disclosure vulnerability.

Vulnerability Impact:
The server allows anonymous users to look at Top Network user
IDs.

Example : http://example.com/en/admin/aggregate.asp

Solution:
If this server is on an Internet segment (as opposed to
internal), you may wish to tighten the access to the aggregate.asp page.

CVSS Score:
5.0

CVSS Vector:
AV:N/AC:L/Au:N/C:N/I:P/A:N

Copyright Copyright (C) 2003 John Lampe

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit.
To run a free test of this vulnerability against your system, register below.

Test ID:	1.3.6.1.4.1.25623.1.0.11657
Category:	Web application abuses
Title:	Synchrologic Email Accelerator User Account Information Disclosure
Summary:	Synchrologic Email Accelerator is prone to an information; disclosure vulnerability.
Description:	Summary: Synchrologic Email Accelerator is prone to an information disclosure vulnerability. Vulnerability Impact: The server allows anonymous users to look at Top Network user IDs. Example : http://example.com/en/admin/aggregate.asp Solution: If this server is on an Internet segment (as opposed to internal), you may wish to tighten the access to the aggregate.asp page. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N
Copyright	Copyright (C) 2003 John Lampe