CVE-2012-6578
Published Jul 24, 2013
Last updated 11 years ago
Overview
- Description
- Best Practical Solutions RT 3.8.x before 3.8.15 and 4.0.x before 4.0.8, when GnuPG is enabled with a "Sign by default" queue configuration, uses a queue's key for signing, which might allow remote attackers to spoof messages by leveraging the lack of authentication semantics.
- Source
- cve@mitre.org
- NVD status
- Analyzed
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 4.3
- Impact score
- 2.9
- Exploitability score
- 8.6
- Vector string
- AV:N/AC:M/Au:N/C:N/I:P/A:N
Weaknesses
- nvd@nist.gov
- CWE-310
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:bestpractical:request_tracker:3.8.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E751355A-5C27-47D5-A501-BE0033BB8E06"
},
{
"criteria": "cpe:2.3:a:bestpractical:request_tracker:3.8.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FB660C2B-9EAB-45E7-83D4-C61B71A70704"
},
{
"criteria": "cpe:2.3:a:bestpractical:request_tracker:3.8.7:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6149929E-AC54-484C-9914-BE5B9011B6C2"
},
{
"criteria": "cpe:2.3:a:bestpractical:request_tracker:3.8.9:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "96D2D87E-2C68-44F7-B8C5-922452742A4B"
},
{
"criteria": "cpe:2.3:a:bestpractical:request_tracker:3.8.10:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FDD49949-14EC-4023-8FC5-6BDC5EC64991"
},
{
"criteria": "cpe:2.3:a:bestpractical:request_tracker:3.8.11:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8BF47625-80E7-4B73-8C93-8E022AC2703B"
},
{
"criteria": "cpe:2.3:a:bestpractical:request_tracker:3.8.12:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C24F467B-2654-4ED4-B1C9-66BE6D263C72"
},
{
"criteria": "cpe:2.3:a:bestpractical:request_tracker:3.8.13:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5947B639-9DA1-401A-A227-31A065B4C1A7"
},
{
"criteria": "cpe:2.3:a:bestpractical:request_tracker:3.8.14:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E53B005E-8714-4E5D-B026-E22C7FA6DCEA"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:bestpractical:request_tracker:4.0.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "44234832-170D-43E0-9643-19CE57378721"
},
{
"criteria": "cpe:2.3:a:bestpractical:request_tracker:4.0.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "38CFCCD6-6C5D-41CD-B7FB-D925A46E615C"
},
{
"criteria": "cpe:2.3:a:bestpractical:request_tracker:4.0.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "814172FB-6F34-4356-8105-70AEBE0B6F6B"
},
{
"criteria": "cpe:2.3:a:bestpractical:request_tracker:4.0.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D282AC9F-E087-4D8D-B467-1D9480B3ABDA"
},
{
"criteria": "cpe:2.3:a:bestpractical:request_tracker:4.0.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "42F21EB3-8CE6-4F87-A5DE-A01AA32B943F"
},
{
"criteria": "cpe:2.3:a:bestpractical:request_tracker:4.0.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5EDB4AD7-96B5-4D72-8C51-23D744D10C46"
},
{
"criteria": "cpe:2.3:a:bestpractical:request_tracker:4.0.6:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0096B700-17B5-4158-A736-ECFDF9E9935B"
},
{
"criteria": "cpe:2.3:a:bestpractical:request_tracker:4.0.7:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A0AF4515-6DB1-406A-878C-6DB32D021BA0"
}
],
"operator": "OR"
}
]
}
]