CVE-2012-6580

2013-07-2412:01:45

CWE-310

[email protected]

web.nvd.nist.gov

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

6.3

Confidence

Low

EPSS

0.001

Percentile

49.2%

JSON

Best Practical Solutions RT 3.8.x before 3.8.15 and 4.0.x before 4.0.8, when GnuPG is enabled, does not ensure that the UI labels unencrypted messages as unencrypted, which might make it easier for remote attackers to spoof details of a message’s origin or interfere with encryption-policy auditing via an e-mail message to a queue’s address.

Affected configurations

Nvd

Node

bestpracticalrequest_trackerMatch3.8.3

bestpracticalrequest_trackerMatch3.8.4

bestpracticalrequest_trackerMatch3.8.7

bestpracticalrequest_trackerMatch3.8.9

bestpracticalrequest_trackerMatch3.8.10

bestpracticalrequest_trackerMatch3.8.11

bestpracticalrequest_trackerMatch3.8.12

bestpracticalrequest_trackerMatch3.8.13

bestpracticalrequest_trackerMatch3.8.14

Node

bestpracticalrequest_trackerMatch4.0.0

bestpracticalrequest_trackerMatch4.0.1

bestpracticalrequest_trackerMatch4.0.2

bestpracticalrequest_trackerMatch4.0.3

bestpracticalrequest_trackerMatch4.0.4

bestpracticalrequest_trackerMatch4.0.5

bestpracticalrequest_trackerMatch4.0.6

bestpracticalrequest_trackerMatch4.0.7

VendorProductVersionCPE
bestpracticalrequest_tracker3.8.3cpe:2.3:a:bestpractical:request_tracker:3.8.3:*:*:*:*:*:*:*
bestpracticalrequest_tracker3.8.4cpe:2.3:a:bestpractical:request_tracker:3.8.4:*:*:*:*:*:*:*
bestpracticalrequest_tracker3.8.7cpe:2.3:a:bestpractical:request_tracker:3.8.7:*:*:*:*:*:*:*
bestpracticalrequest_tracker3.8.9cpe:2.3:a:bestpractical:request_tracker:3.8.9:*:*:*:*:*:*:*
bestpracticalrequest_tracker3.8.10cpe:2.3:a:bestpractical:request_tracker:3.8.10:*:*:*:*:*:*:*
bestpracticalrequest_tracker3.8.11cpe:2.3:a:bestpractical:request_tracker:3.8.11:*:*:*:*:*:*:*
bestpracticalrequest_tracker3.8.12cpe:2.3:a:bestpractical:request_tracker:3.8.12:*:*:*:*:*:*:*
bestpracticalrequest_tracker3.8.13cpe:2.3:a:bestpractical:request_tracker:3.8.13:*:*:*:*:*:*:*
bestpracticalrequest_tracker3.8.14cpe:2.3:a:bestpractical:request_tracker:3.8.14:*:*:*:*:*:*:*
bestpracticalrequest_tracker4.0.0cpe:2.3:a:bestpractical:request_tracker:4.0.0:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
bestpractical	request_tracker	3.8.3	cpe:2.3:a:bestpractical:request_tracker:3.8.3:::::::*
bestpractical	request_tracker	3.8.4	cpe:2.3:a:bestpractical:request_tracker:3.8.4:::::::*
bestpractical	request_tracker	3.8.7	cpe:2.3:a:bestpractical:request_tracker:3.8.7:::::::*
bestpractical	request_tracker	3.8.9	cpe:2.3:a:bestpractical:request_tracker:3.8.9:::::::*
bestpractical	request_tracker	3.8.10	cpe:2.3:a:bestpractical:request_tracker:3.8.10:::::::*
bestpractical	request_tracker	3.8.11	cpe:2.3:a:bestpractical:request_tracker:3.8.11:::::::*
bestpractical	request_tracker	3.8.12	cpe:2.3:a:bestpractical:request_tracker:3.8.12:::::::*
bestpractical	request_tracker	3.8.13	cpe:2.3:a:bestpractical:request_tracker:3.8.13:::::::*
bestpractical	request_tracker	3.8.14	cpe:2.3:a:bestpractical:request_tracker:3.8.14:::::::*
bestpractical	request_tracker	4.0.0	cpe:2.3:a:bestpractical:request_tracker:4.0.0:::::::*