Lucene search

MitreCVE-2012-6580

HistoryJul 24, 2013 - 12:01 p.m.

CVE-2012-6580

2013-07-2412:01:45

CWE-310

mitre

web.nvd.nist.gov

best practical solutions

rt 3.8.x

rt 4.0.x

gnupg

spoofing

unencrypted messages

security vulnerability

cve-2012-6580

nvd

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

6.5

Confidence

Low

EPSS

0.001

Percentile

49.2%

JSON

Best Practical Solutions RT 3.8.x before 3.8.15 and 4.0.x before 4.0.8, when GnuPG is enabled, does not ensure that the UI labels unencrypted messages as unencrypted, which might make it easier for remote attackers to spoof details of a message’s origin or interfere with encryption-policy auditing via an e-mail message to a queue’s address.

Affected configurations

Nvd

Node

bestpracticalrequest_trackerMatch3.8.3

bestpracticalrequest_trackerMatch3.8.4

bestpracticalrequest_trackerMatch3.8.7

bestpracticalrequest_trackerMatch3.8.9

bestpracticalrequest_trackerMatch3.8.10

bestpracticalrequest_trackerMatch3.8.11

bestpracticalrequest_trackerMatch3.8.12

bestpracticalrequest_trackerMatch3.8.13

bestpracticalrequest_trackerMatch3.8.14

Node

bestpracticalrequest_trackerMatch4.0.0

bestpracticalrequest_trackerMatch4.0.1

bestpracticalrequest_trackerMatch4.0.2

bestpracticalrequest_trackerMatch4.0.3

bestpracticalrequest_trackerMatch4.0.4

bestpracticalrequest_trackerMatch4.0.5

bestpracticalrequest_trackerMatch4.0.6

bestpracticalrequest_trackerMatch4.0.7

VendorProductVersionCPE
bestpracticalrequest_tracker3.8.3cpe:2.3:a:bestpractical:request_tracker:3.8.3:*:*:*:*:*:*:*
bestpracticalrequest_tracker3.8.4cpe:2.3:a:bestpractical:request_tracker:3.8.4:*:*:*:*:*:*:*
bestpracticalrequest_tracker3.8.7cpe:2.3:a:bestpractical:request_tracker:3.8.7:*:*:*:*:*:*:*
bestpracticalrequest_tracker3.8.9cpe:2.3:a:bestpractical:request_tracker:3.8.9:*:*:*:*:*:*:*
bestpracticalrequest_tracker3.8.10cpe:2.3:a:bestpractical:request_tracker:3.8.10:*:*:*:*:*:*:*
bestpracticalrequest_tracker3.8.11cpe:2.3:a:bestpractical:request_tracker:3.8.11:*:*:*:*:*:*:*
bestpracticalrequest_tracker3.8.12cpe:2.3:a:bestpractical:request_tracker:3.8.12:*:*:*:*:*:*:*
bestpracticalrequest_tracker3.8.13cpe:2.3:a:bestpractical:request_tracker:3.8.13:*:*:*:*:*:*:*
bestpracticalrequest_tracker3.8.14cpe:2.3:a:bestpractical:request_tracker:3.8.14:*:*:*:*:*:*:*
bestpracticalrequest_tracker4.0.0cpe:2.3:a:bestpractical:request_tracker:4.0.0:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
bestpractical	request_tracker	3.8.3	cpe:2.3:a:bestpractical:request_tracker:3.8.3:::::::*
bestpractical	request_tracker	3.8.4	cpe:2.3:a:bestpractical:request_tracker:3.8.4:::::::*
bestpractical	request_tracker	3.8.7	cpe:2.3:a:bestpractical:request_tracker:3.8.7:::::::*
bestpractical	request_tracker	3.8.9	cpe:2.3:a:bestpractical:request_tracker:3.8.9:::::::*
bestpractical	request_tracker	3.8.10	cpe:2.3:a:bestpractical:request_tracker:3.8.10:::::::*
bestpractical	request_tracker	3.8.11	cpe:2.3:a:bestpractical:request_tracker:3.8.11:::::::*
bestpractical	request_tracker	3.8.12	cpe:2.3:a:bestpractical:request_tracker:3.8.12:::::::*
bestpractical	request_tracker	3.8.13	cpe:2.3:a:bestpractical:request_tracker:3.8.13:::::::*
bestpractical	request_tracker	3.8.14	cpe:2.3:a:bestpractical:request_tracker:3.8.14:::::::*
bestpractical	request_tracker	4.0.0	cpe:2.3:a:bestpractical:request_tracker:4.0.0:::::::*