Request Tracker Vulnerability Allows Unauthorized Access to Sensitive Data
CVE-2015-1165

Currently unrated

Key Information:

Vendor: Fedoraproject
Status: Fedora; Debian Linux
Vendor: CVE Published:; 9 March 2015

🔔 Create Fedoraproject Vulnerability Alert

What is CVE-2015-1165?

The vulnerability within Request Tracker (RT) allows remote attackers to gain unauthorized access to sensitive RSS feed URLs and ticket information through unspecified methods. Affected versions include RT 3.8.8 up to 4.x prior to 4.0.23 and 4.2.x before 4.2.10, posing a significant risk for organizations using this project management tool. It is crucial for administrators to apply the necessary updates to mitigate potential exploitation.

References

http://blog.bestpractical.com/2015/02/security-vulnerabil...

x_refsource_CONFIRM

http://www.debian.org/security/2015/dsa-3176

vendor-advisoryx_refsource_DEBIAN

http://lists.fedoraproject.org/pipermail/package-announce...

vendor-advisoryx_refsource_FEDORA

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 9, 2015
Vulnerability Reserved
Jan 17, 2015