CVE-2012-6581
Published Jul 24, 2013
Last updated 11 years ago
Overview
- Description
- Best Practical Solutions RT 3.8.x before 3.8.15 and 4.0.x before 4.0.8, when GnuPG is enabled, allows remote attackers to bypass intended restrictions on reading keys in the product's keyring, and trigger outbound e-mail messages signed by an arbitrary stored secret key, by leveraging a UI e-mail signing privilege.
- Source
- cve@mitre.org
- NVD status
- Analyzed
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 4.3
- Impact score
- 2.9
- Exploitability score
- 8.6
- Vector string
- AV:N/AC:M/Au:N/C:N/I:P/A:N
Weaknesses
- nvd@nist.gov
- CWE-264
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:bestpractical:request_tracker:3.8.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E751355A-5C27-47D5-A501-BE0033BB8E06"
},
{
"criteria": "cpe:2.3:a:bestpractical:request_tracker:3.8.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FB660C2B-9EAB-45E7-83D4-C61B71A70704"
},
{
"criteria": "cpe:2.3:a:bestpractical:request_tracker:3.8.7:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6149929E-AC54-484C-9914-BE5B9011B6C2"
},
{
"criteria": "cpe:2.3:a:bestpractical:request_tracker:3.8.9:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "96D2D87E-2C68-44F7-B8C5-922452742A4B"
},
{
"criteria": "cpe:2.3:a:bestpractical:request_tracker:3.8.10:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FDD49949-14EC-4023-8FC5-6BDC5EC64991"
},
{
"criteria": "cpe:2.3:a:bestpractical:request_tracker:3.8.11:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8BF47625-80E7-4B73-8C93-8E022AC2703B"
},
{
"criteria": "cpe:2.3:a:bestpractical:request_tracker:3.8.12:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C24F467B-2654-4ED4-B1C9-66BE6D263C72"
},
{
"criteria": "cpe:2.3:a:bestpractical:request_tracker:3.8.13:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5947B639-9DA1-401A-A227-31A065B4C1A7"
},
{
"criteria": "cpe:2.3:a:bestpractical:request_tracker:3.8.14:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E53B005E-8714-4E5D-B026-E22C7FA6DCEA"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:bestpractical:request_tracker:4.0.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "44234832-170D-43E0-9643-19CE57378721"
},
{
"criteria": "cpe:2.3:a:bestpractical:request_tracker:4.0.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "38CFCCD6-6C5D-41CD-B7FB-D925A46E615C"
},
{
"criteria": "cpe:2.3:a:bestpractical:request_tracker:4.0.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "814172FB-6F34-4356-8105-70AEBE0B6F6B"
},
{
"criteria": "cpe:2.3:a:bestpractical:request_tracker:4.0.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D282AC9F-E087-4D8D-B467-1D9480B3ABDA"
},
{
"criteria": "cpe:2.3:a:bestpractical:request_tracker:4.0.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "42F21EB3-8CE6-4F87-A5DE-A01AA32B943F"
},
{
"criteria": "cpe:2.3:a:bestpractical:request_tracker:4.0.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5EDB4AD7-96B5-4D72-8C51-23D744D10C46"
},
{
"criteria": "cpe:2.3:a:bestpractical:request_tracker:4.0.6:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0096B700-17B5-4158-A736-ECFDF9E9935B"
},
{
"criteria": "cpe:2.3:a:bestpractical:request_tracker:4.0.7:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A0AF4515-6DB1-406A-878C-6DB32D021BA0"
}
],
"operator": "OR"
}
]
}
]