User Interface Flaw in Request Tracker by Best Practical Solutions
CVE-2012-6580

Currently unrated

Key Information:

Vendor: Bestpractical
Status: Request Tracker
Vendor: CVE Published:; 24 July 2013

🔔 Create Bestpractical Vulnerability Alert

What is CVE-2012-6580?

Best Practical Solutions' Request Tracker versions prior to 3.8.15 and 4.0.8 exhibit a UI flaw when GnuPG is enabled. This flaw fails to clearly label unencrypted messages, which could allow remote attackers to spoof message origins. The lack of proper encryption policy indicators can hinder auditing procedures when messages are sent to a queue's address, potentially compromising the security of sensitive information.

References

http://lists.bestpractical.com/pipermail/rt-announce/2012...

mailing-listx_refsource_MLIST

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Jul 24, 2013

CVE-2012-6580 Data

JSON