PT-2012-1542 · Best Practical Solutions · Rt

Published

2012-06-04

Updated

2012-09-29

CVE-2011-2084

CVSS v2.0

4.0

Medium

Vector

AV:N/AC:L/Au:S/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions Best Practical Solutions RT versions 3.x through 3.8.11 Best Practical Solutions RT versions 4.x through 4.0.5

Description The issue allows remote authenticated users to read sensitive information, including hashes of former passwords and ticket correspondence history, by leveraging access to a privileged account.

Recommendations For versions 3.x through 3.8.11, update to version 3.8.12 or later. For versions 4.x through 4.0.5, update to version 4.0.6 or later.

Fix

Information Disclosure

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-200

Related Identifiers

CVE-2011-2084

DSA-2480-1

PT-2012-1542 · Best Practical Solutions · Rt

CVE-2011-2084

Weakness Enumeration

Related Identifiers

Affected Products

References · 10