CVE-2012-4733
Published Aug 23, 2013
Last updated 11 years ago
Overview
- Description
- Request Tracker (RT) 4.x before 4.0.13 does not properly enforce the DeleteTicket and "custom lifecycle transition" permission, which allows remote authenticated users with the ModifyTicket permission to delete tickets via unspecified vectors.
- Source
- cve@mitre.org
- NVD status
- Analyzed
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 6
- Impact score
- 6.4
- Exploitability score
- 6.8
- Vector string
- AV:N/AC:M/Au:S/C:P/I:P/A:P
Weaknesses
- nvd@nist.gov
- CWE-255
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:bestpractical:rt:4.0.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F84987A7-103B-4473-9D4F-9F28880F6D9F"
},
{
"criteria": "cpe:2.3:a:bestpractical:rt:4.0.0:rc1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9E220C7C-D32C-4ED1-A056-074576B7B504"
},
{
"criteria": "cpe:2.3:a:bestpractical:rt:4.0.0:rc2:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "57A903C6-3C9F-47A0-92F7-D5272B2622AC"
},
{
"criteria": "cpe:2.3:a:bestpractical:rt:4.0.0:rc3:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "67EBD0AE-1A91-4690-8A07-0FB7342768FE"
},
{
"criteria": "cpe:2.3:a:bestpractical:rt:4.0.0:rc4:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A1217A3C-2302-4E3B-BF35-4B16271A6FF6"
},
{
"criteria": "cpe:2.3:a:bestpractical:rt:4.0.0:rc5:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A72E5649-26E5-47DE-9CB4-019FEC8AF13E"
},
{
"criteria": "cpe:2.3:a:bestpractical:rt:4.0.0:rc6:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "51E06E3C-4504-4325-BD89-9102315858C4"
},
{
"criteria": "cpe:2.3:a:bestpractical:rt:4.0.0:rc7:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8A1286FE-DB7C-48B1-82A9-A23C82984A21"
},
{
"criteria": "cpe:2.3:a:bestpractical:rt:4.0.0:rc8:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5C89298A-DA7A-4DDD-A420-5B5BC0ABAF7E"
},
{
"criteria": "cpe:2.3:a:bestpractical:rt:4.0.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "60F0CE6D-3DFA-4432-9615-78718C1D5583"
},
{
"criteria": "cpe:2.3:a:bestpractical:rt:4.0.1:rc1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F478B6AB-8B47-46A2-BEA7-9FF24F4A7026"
},
{
"criteria": "cpe:2.3:a:bestpractical:rt:4.0.1:rc2:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A7CA2655-8B75-4DFF-9B30-1B9839B87D9A"
},
{
"criteria": "cpe:2.3:a:bestpractical:rt:4.0.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A65F27F5-D134-4B94-BF93-CE32065B75B2"
},
{
"criteria": "cpe:2.3:a:bestpractical:rt:4.0.2:rc1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9D976231-5D79-4C48-BFFA-39E3E7FE35A5"
},
{
"criteria": "cpe:2.3:a:bestpractical:rt:4.0.2:rc2:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F35ABA0F-6072-433E-AAA5-3B0BB219B404"
},
{
"criteria": "cpe:2.3:a:bestpractical:rt:4.0.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E1D6E744-5181-4E94-8B9B-3CA83648C7A7"
},
{
"criteria": "cpe:2.3:a:bestpractical:rt:4.0.10:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "15112BC0-8C03-4417-A0EB-123C326E6F34"
},
{
"criteria": "cpe:2.3:a:bestpractical:rt:4.0.11:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "685B747F-6C34-4D76-B1A3-652EF2480D5F"
},
{
"criteria": "cpe:2.3:a:bestpractical:rt:4.0.12:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A8E6D6E2-13A1-4AF9-B1A2-414588CCBD35"
}
],
"operator": "OR"
}
]
}
]