Data Exposure Vulnerability in Request Tracker by Best Practical Solutions
CVE-2013-3374

Currently unrated

Key Information:

Vendor: Bestpractical
Status: Rt
Vendor: CVE Published:; 23 August 2013

🔔 Create Bestpractical Vulnerability Alert

What is CVE-2013-3374?

A vulnerability in Request Tracker prior to versions 3.8.17 and 4.0.13 may expose sensitive user information such as preferences and caches. This issue arises when utilizing the Apache::Session::File session store, whereby attackers can exploit limited session re-use mechanisms to gain unauthorized access to user data.

References

http://lists.bestpractical.com/pipermail/rt-announce/2013...

mailing-listx_refsource_MLIST

http://lists.bestpractical.com/pipermail/rt-announce/2013...

mailing-listx_refsource_MLIST

http://lists.bestpractical.com/pipermail/rt-announce/2013...

mailing-listx_refsource_MLIST

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Aug 23, 2013

CVE-2013-3374 Data

JSON