Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2023-41259HistoryNov 03, 2023 - 5:15 a.m.
CVE-2023-41259
2023-11-0305:15:29
Debian Security Bug Tracker
security-tracker.debian.org
24
cve-2023-41259
best practical request tracker
information disclosure
spoofed email headers
mail-gateway
unix
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
AI Score
6.2
Confidence
Low
EPSS
0.001
Percentile
28.1%
Best Practical Request Tracker (RT) before 4.4.7 and 5.x before 5.0.5 allows Information Disclosure via fake or spoofed RT email headers in an email message or a mail-gateway REST API call.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | request-tracker4 | < 4.4.6+dfsg-1.1+deb12u1 | request-tracker4_4.4.6+dfsg-1.1+deb12u1_all.deb |
| Debian | 11 | all | request-tracker4 | < 4.4.4+dfsg-2+deb11u3 | request-tracker4_4.4.4+dfsg-2+deb11u3_all.deb |
| Debian | 999 | all | request-tracker4 | < 4.4.7+dfsg-1 | request-tracker4_4.4.7+dfsg-1_all.deb |
| Debian | 13 | all | request-tracker4 | < 4.4.7+dfsg-1 | request-tracker4_4.4.7+dfsg-1_all.deb |
| Debian | 12 | all | request-tracker5 | < 5.0.3+dfsg-3~deb12u2 | request-tracker5_5.0.3+dfsg-3~deb12u2_all.deb |
| Debian | 999 | all | request-tracker5 | < 5.0.5+dfsg-1 | request-tracker5_5.0.5+dfsg-1_all.deb |
| Debian | 13 | all | request-tracker5 | < 5.0.5+dfsg-1 | request-tracker5_5.0.5+dfsg-1_all.deb |
Related
nvd
nvd
CVE-2023-41259
2023-11-03 05:15:29
cve
cve
CVE-2023-41259
2023-11-03 05:15:29
vulnrichment
vulnrichment
CVE-2023-41259
2023-11-03 00:00:00
cvelist
cvelist
CVE-2023-41259
2023-11-03 00:00:00
veracode
veracode
Information Disclosure
2023-11-02 06:24:47
alpinelinux
alpinelinux
CVE-2023-41259
2023-11-03 05:15:29
ubuntucve
ubuntucve
CVE-2023-41259
2023-11-03 00:00:00
prion
prion
Information disclosure
2023-11-03 05:15:00
debian
debian
[SECURITY] [DSA 5542-1] request-tracker4 security update
2023-10-30 20:44:36
[SECURITY] [DLA 3642-1] request-tracker4 security update
2023-10-31 04:53:47
[SECURITY] [DSA 5541-1] request-tracker5 security update
2023-10-30 20:33:54
osv
osv
request-tracker4 - security update
2023-10-31 00:00:00
request-tracker4 - security update
2023-10-30 00:00:00
request-tracker5 - security update
2023-10-30 00:00:00
openvas
openvas
Debian: Security Advisory (DSA-5542-1)
2023-10-31 00:00:00
Debian: Security Advisory (DLA-3642-1)
2023-11-01 00:00:00
Debian: Security Advisory (DSA-5541-1)
2023-10-31 00:00:00
nessus
nessus
Debian DSA-5542-1 : request-tracker4 - security update
2023-10-31 00:00:00
Debian DSA-5541-1 : request-tracker5 - security update
2023-10-31 00:00:00
Debian DLA-3642-1 : request-tracker4 - LTS security update
2023-10-31 00:00:00
freebsd
freebsd
Request Tracker -- multiple vulnerabilities
2023-10-18 00:00:00
ubuntu
ubuntu
Request Tracker vulnerabilities
2023-12-04 00:00:00
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
AI Score
6.2
Confidence
Low
EPSS
0.001
Percentile
28.1%
Related for DEBIANCVE:CVE-2023-41259