CVE-2011-2084

Best Practical Solutions RT <3.8.12, <4.0.6 - Info Disclosure

Title source: llm
STIX 2.1

Description

Best Practical Solutions RT 3.x before 3.8.12 and 4.x before 4.0.6 allows remote authenticated users to read (1) hashes of former passwords and (2) ticket correspondence history by leveraging access to a privileged account.

References (5)

Core 5
Core References
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/49259
Vendor Advisory mailing-list x_refsource_mlist
http://lists.bestpractical.com/pipermail/rt-announce/2012-May/000202.html
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/53660

Scores

EPSS 0.0167
EPSS Percentile 74.1%

Details

CWE
CWE-200
Status published
Products (33)
bestpractical/rt 3.0.0
bestpractical/rt 3.0.1
bestpractical/rt 3.0.2
bestpractical/rt 3.0.3
bestpractical/rt 3.0.4
bestpractical/rt 3.0.5
bestpractical/rt 3.0.6
bestpractical/rt 3.0.7
bestpractical/rt 3.0.7.1
bestpractical/rt 3.0.8
... and 23 more
Published Jun 04, 2012
Tracked Since Feb 18, 2026