CVE-2011-1685
Published Apr 22, 2011
Last updated 7 years ago
Overview
- Description
- Best Practical Solutions RT 3.8.0 through 3.8.9 and 4.0.0rc through 4.0.0rc7, when the CustomFieldValuesSources (aka external custom field) option is enabled, allows remote authenticated users to execute arbitrary code via unspecified vectors, as demonstrated by a cross-site request forgery (CSRF) attack.
- Source
- cve@mitre.org
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 4.6
- Impact score
- 6.4
- Exploitability score
- 3.9
- Vector string
- AV:N/AC:H/Au:S/C:P/I:P/A:P
Weaknesses
- nvd@nist.gov
- CWE-352
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:bestpractical:rt:3.8.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C503726A-4AAB-4444-A204-7F53A6369919"
},
{
"criteria": "cpe:2.3:a:bestpractical:rt:3.8.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F2B93F59-E22F-47E0-A5EA-D5716E9EAB48"
},
{
"criteria": "cpe:2.3:a:bestpractical:rt:3.8.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0BF01543-2929-4ADA-BD74-ABE00BF066BD"
},
{
"criteria": "cpe:2.3:a:bestpractical:rt:3.8.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "562E9782-259B-42C6-BC3E-C452799A78FD"
},
{
"criteria": "cpe:2.3:a:bestpractical:rt:3.8.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C4D2E2C8-15E8-45E4-9DBF-6CF2BEB30576"
},
{
"criteria": "cpe:2.3:a:bestpractical:rt:3.8.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9E4D117A-92C0-4884-A3E6-F6FCC8B89458"
},
{
"criteria": "cpe:2.3:a:bestpractical:rt:3.8.6:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "AED14B5B-A9DE-46A4-8996-F6DC75B5DCD7"
},
{
"criteria": "cpe:2.3:a:bestpractical:rt:3.8.6:rc1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D237F862-E8D5-4D82-9CDC-A8A84D2DE665"
},
{
"criteria": "cpe:2.3:a:bestpractical:rt:3.8.7:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "84FB5217-7650-4BB2-A0AB-BAB6A362CFD4"
},
{
"criteria": "cpe:2.3:a:bestpractical:rt:3.8.7:rc1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B306ECCE-8095-48E7-A523-05F6B2AF686E"
},
{
"criteria": "cpe:2.3:a:bestpractical:rt:3.8.8:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E4BF6295-E0EF-44B8-A694-348EF39371BD"
},
{
"criteria": "cpe:2.3:a:bestpractical:rt:3.8.8:rc2:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B6FBA787-90EE-4148-804C-F4F6021D5177"
},
{
"criteria": "cpe:2.3:a:bestpractical:rt:3.8.8:rc3:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9035493E-C9BA-4DDE-914A-E14CB072E745"
},
{
"criteria": "cpe:2.3:a:bestpractical:rt:3.8.8:rc4:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "19E636D2-525B-4B27-A9E1-16BC0088C8AF"
},
{
"criteria": "cpe:2.3:a:bestpractical:rt:3.8.9:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "546F1582-B85F-4D4F-840C-6257F1DE05E6"
},
{
"criteria": "cpe:2.3:a:bestpractical:rt:3.8.9:rc1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F9040C7B-9080-4B57-885D-9275B9623E46"
},
{
"criteria": "cpe:2.3:a:bestpractical:rt:3.8.9:rc2:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7B927C5E-EAC2-4032-905A-BBCE66693958"
},
{
"criteria": "cpe:2.3:a:bestpractical:rt:3.8.9:rc3:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D8DB6F17-FF2F-4DCA-A8D1-C3E0D42ACCAB"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:bestpractical:rt:4.0.0:rc1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9E220C7C-D32C-4ED1-A056-074576B7B504"
},
{
"criteria": "cpe:2.3:a:bestpractical:rt:4.0.0:rc2:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "57A903C6-3C9F-47A0-92F7-D5272B2622AC"
},
{
"criteria": "cpe:2.3:a:bestpractical:rt:4.0.0:rc3:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "67EBD0AE-1A91-4690-8A07-0FB7342768FE"
},
{
"criteria": "cpe:2.3:a:bestpractical:rt:4.0.0:rc4:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A1217A3C-2302-4E3B-BF35-4B16271A6FF6"
},
{
"criteria": "cpe:2.3:a:bestpractical:rt:4.0.0:rc5:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A72E5649-26E5-47DE-9CB4-019FEC8AF13E"
},
{
"criteria": "cpe:2.3:a:bestpractical:rt:4.0.0:rc6:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "51E06E3C-4504-4325-BD89-9102315858C4"
},
{
"criteria": "cpe:2.3:a:bestpractical:rt:4.0.0:rc7:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8A1286FE-DB7C-48B1-82A9-A23C82984A21"
}
],
"operator": "OR"
}
]
}
]