Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2012-6580

Опубликовано: 24 июл. 2013
Источник: nvd
CVSS2: 4.3
EPSS Низкий

Описание

Best Practical Solutions RT 3.8.x before 3.8.15 and 4.0.x before 4.0.8, when GnuPG is enabled, does not ensure that the UI labels unencrypted messages as unencrypted, which might make it easier for remote attackers to spoof details of a message's origin or interfere with encryption-policy auditing via an e-mail message to a queue's address.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:bestpractical:request_tracker:3.8.3:*:*:*:*:*:*:*
cpe:2.3:a:bestpractical:request_tracker:3.8.4:*:*:*:*:*:*:*
cpe:2.3:a:bestpractical:request_tracker:3.8.7:*:*:*:*:*:*:*
cpe:2.3:a:bestpractical:request_tracker:3.8.9:*:*:*:*:*:*:*
cpe:2.3:a:bestpractical:request_tracker:3.8.10:*:*:*:*:*:*:*
cpe:2.3:a:bestpractical:request_tracker:3.8.11:*:*:*:*:*:*:*
cpe:2.3:a:bestpractical:request_tracker:3.8.12:*:*:*:*:*:*:*
cpe:2.3:a:bestpractical:request_tracker:3.8.13:*:*:*:*:*:*:*
cpe:2.3:a:bestpractical:request_tracker:3.8.14:*:*:*:*:*:*:*
Конфигурация 2

Одно из

cpe:2.3:a:bestpractical:request_tracker:4.0.0:*:*:*:*:*:*:*
cpe:2.3:a:bestpractical:request_tracker:4.0.1:*:*:*:*:*:*:*
cpe:2.3:a:bestpractical:request_tracker:4.0.2:*:*:*:*:*:*:*
cpe:2.3:a:bestpractical:request_tracker:4.0.3:*:*:*:*:*:*:*
cpe:2.3:a:bestpractical:request_tracker:4.0.4:*:*:*:*:*:*:*
cpe:2.3:a:bestpractical:request_tracker:4.0.5:*:*:*:*:*:*:*
cpe:2.3:a:bestpractical:request_tracker:4.0.6:*:*:*:*:*:*:*
cpe:2.3:a:bestpractical:request_tracker:4.0.7:*:*:*:*:*:*:*

EPSS

Процентиль: 33%
0.00131
Низкий

4.3 Medium

CVSS2

Дефекты

CWE-310

Связанные уязвимости

ubuntu логотип

CVE-2012-6580

ubuntu
больше 12 лет назад

Best Practical Solutions RT 3.8.x before 3.8.15 and 4.0.x before 4.0.8, when GnuPG is enabled, does not ensure that the UI labels unencrypted messages as unencrypted, which might make it easier for remote attackers to spoof details of a message's origin or interfere with encryption-policy auditing via an e-mail message to a queue's address.

debian логотип

CVE-2012-6580

debian
больше 12 лет назад

Best Practical Solutions RT 3.8.x before 3.8.15 and 4.0.x before 4.0.8 ...

github логотип

GHSA-pr6v-qj9p-h45q

github
больше 3 лет назад

Best Practical Solutions RT 3.8.x before 3.8.15 and 4.0.x before 4.0.8, when GnuPG is enabled, does not ensure that the UI labels unencrypted messages as unencrypted, which might make it easier for remote attackers to spoof details of a message's origin or interfere with encryption-policy auditing via an e-mail message to a queue's address.

EPSS

Процентиль: 33%
0.00131
Низкий

4.3 Medium

CVSS2

Дефекты

CWE-310