CVE-2011-2084
Best Practical Solutions RT <3.8.12, <4.0.6 - Info Disclosure
Title source: llmDescription
Best Practical Solutions RT 3.x before 3.8.12 and 4.x before 4.0.6 allows remote authenticated users to read (1) hashes of former passwords and (2) ticket correspondence history by leveraging access to a privileged account.
References (5)
Core 5
Core References
Patch mailing-list
x_refsource_mlist
http://lists.bestpractical.com/pipermail/rt-announce/2012-May/000203.html
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/49259
Patch mailing-list
x_refsource_mlist
http://lists.bestpractical.com/pipermail/rt-announce/2012-May/000204.html
Vendor Advisory mailing-list
x_refsource_mlist
http://lists.bestpractical.com/pipermail/rt-announce/2012-May/000202.html
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/53660
Scores
EPSS
0.0167
EPSS Percentile
74.1%
Details
CWE
CWE-200
Status
published
Products (33)
bestpractical/rt
3.0.0
bestpractical/rt
3.0.1
bestpractical/rt
3.0.2
bestpractical/rt
3.0.3
bestpractical/rt
3.0.4
bestpractical/rt
3.0.5
bestpractical/rt
3.0.6
bestpractical/rt
3.0.7
bestpractical/rt
3.0.7.1
bestpractical/rt
3.0.8
... and 23 more
Published
Jun 04, 2012
Tracked Since
Feb 18, 2026