CVE-2011-1687

Best Practical Solutions RT <4.0.0rc - Info Disclosure

Title source: llm
STIX 2.1

Description

Best Practical Solutions RT 3.0.0 through 3.6.10, 3.8.0 through 3.8.9, and 4.0.0rc through 4.0.0rc7 allows remote authenticated users to obtain sensitive information by using the search interface, as demonstrated by retrieving encrypted passwords.

References (10)

Core 10
Core References
Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2011/1071
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/66793
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/47383
Third Party Advisory vendor-advisory x_refsource_debian
http://www.debian.org/security/2011/dsa-2220
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/44189

Scores

EPSS 0.0144
EPSS Percentile 70.2%

Details

CWE
CWE-200
Status published
Products (45)
bestpractical/rt 3.0.0
bestpractical/rt 3.0.1
bestpractical/rt 3.0.2
bestpractical/rt 3.0.3
bestpractical/rt 3.0.4
bestpractical/rt 3.0.5
bestpractical/rt 3.0.6
bestpractical/rt 3.0.7
bestpractical/rt 3.0.7.1
bestpractical/rt 3.0.8
... and 35 more
Published Apr 22, 2011
Tracked Since Feb 18, 2026