Keyring Management Vulnerability in Best Practical Solutions RT Products
CVE-2012-6581

Currently unrated

Key Information:

Vendor: Bestpractical
Status: Request Tracker
Vendor: CVE Published:; 24 July 2013

🔔 Create Bestpractical Vulnerability Alert

What is CVE-2012-6581?

The vulnerability in Best Practical Solutions' Request Tracker affects versions 3.8.x prior to 3.8.15 and 4.0.x prior to 4.0.8 when GnuPG is enabled. It allows remote attackers to bypass restrictions set on the product’s keyring, thereby gaining unauthorized access to read keys. This flaw can also lead to the potential signing of outbound e-mails with arbitrary secret keys stored within the keyring, exploiting a weakness in the UI email signing privilege. Such exploitation can compromise the integrity of signed communications.

References

http://lists.bestpractical.com/pipermail/rt-announce/2012...

mailing-listx_refsource_MLIST

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Jul 24, 2013

CVE-2012-6581 Data

JSON