Obsolete Cryptographic Algorithm Vulnerability in Request Tracker by Best Practical Solutions
CVE-2025-2545

2.3LOW

Key Information:

Vendor: Best Practical Solutions
Status: Request Tracker
Vendor: CVE Published:; 5 May 2025

🔔 Create Best Practical Solutions Vulnerability Alert

What is CVE-2025-2545?

A vulnerability exists in Request Tracker version 5.0.7 by Best Practical Solutions, where the obsolete Triple DES (3DES) cryptographic algorithm is employed in S/MIME encryption of emails. This algorithm is deemed insecure due to its vulnerability to birthday attacks, potentially allowing unauthorized parties to compromise the confidentiality of sensitive communications. Organizations using this version are urged to upgrade to more secure encryption methods to safeguard their email transactions.

Affected Version(s)

Request Tracker 0 < 5.0.8

References

https://www.incibe.es/en/incibe-cert/notices/aviso/crypto...

CVSS V4

Score:

2.3

Severity:

LOW

Confidentiality:

Low

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

High

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

Unknown

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 5, 2025
Vulnerability Reserved
Mar 20, 2025

Credit

Ángel González Berdasco

CVE-2025-2545 Data

JSON