CVE-2002-1530

Name of the Vulnerable Software and Affected Versions SurfControl SuperScout Email Filter (affected versions not specified)

Description The issue concerns the administrative web interface, specifically the STEMWADM component of SurfControl SuperScout Email Filter. It allows unauthorized access to usernames and plaintext passwords through a request to the "userlist.asp" program. This program includes passwords in a user editing form, thus exposing sensitive information.

Recommendations For SurfControl SuperScout Email Filter, consider restricting access to the userlist.asp program to minimize the risk of exploitation. As a temporary workaround, limit the use of the administrative web interface until a fix is available. At the moment, there is no information about a newer version that contains a fix for this issue.