Lucene search

K
cveMitreCVE-2012-6580
HistoryJul 24, 2013 - 12:01 p.m.

CVE-2012-6580

2013-07-2412:01:45
CWE-310
mitre
web.nvd.nist.gov
24
best practical solutions
rt 3.8.x
rt 4.0.x
gnupg
spoofing
unencrypted messages
security vulnerability
cve-2012-6580
nvd

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

6.5

Confidence

Low

EPSS

0.001

Percentile

49.2%

Best Practical Solutions RT 3.8.x before 3.8.15 and 4.0.x before 4.0.8, when GnuPG is enabled, does not ensure that the UI labels unencrypted messages as unencrypted, which might make it easier for remote attackers to spoof details of a message’s origin or interfere with encryption-policy auditing via an e-mail message to a queue’s address.

Affected configurations

Nvd
Node
bestpracticalrequest_trackerMatch3.8.3
OR
bestpracticalrequest_trackerMatch3.8.4
OR
bestpracticalrequest_trackerMatch3.8.7
OR
bestpracticalrequest_trackerMatch3.8.9
OR
bestpracticalrequest_trackerMatch3.8.10
OR
bestpracticalrequest_trackerMatch3.8.11
OR
bestpracticalrequest_trackerMatch3.8.12
OR
bestpracticalrequest_trackerMatch3.8.13
OR
bestpracticalrequest_trackerMatch3.8.14
Node
bestpracticalrequest_trackerMatch4.0.0
OR
bestpracticalrequest_trackerMatch4.0.1
OR
bestpracticalrequest_trackerMatch4.0.2
OR
bestpracticalrequest_trackerMatch4.0.3
OR
bestpracticalrequest_trackerMatch4.0.4
OR
bestpracticalrequest_trackerMatch4.0.5
OR
bestpracticalrequest_trackerMatch4.0.6
OR
bestpracticalrequest_trackerMatch4.0.7
VendorProductVersionCPE
bestpracticalrequest_tracker3.8.3cpe:2.3:a:bestpractical:request_tracker:3.8.3:*:*:*:*:*:*:*
bestpracticalrequest_tracker3.8.4cpe:2.3:a:bestpractical:request_tracker:3.8.4:*:*:*:*:*:*:*
bestpracticalrequest_tracker3.8.7cpe:2.3:a:bestpractical:request_tracker:3.8.7:*:*:*:*:*:*:*
bestpracticalrequest_tracker3.8.9cpe:2.3:a:bestpractical:request_tracker:3.8.9:*:*:*:*:*:*:*
bestpracticalrequest_tracker3.8.10cpe:2.3:a:bestpractical:request_tracker:3.8.10:*:*:*:*:*:*:*
bestpracticalrequest_tracker3.8.11cpe:2.3:a:bestpractical:request_tracker:3.8.11:*:*:*:*:*:*:*
bestpracticalrequest_tracker3.8.12cpe:2.3:a:bestpractical:request_tracker:3.8.12:*:*:*:*:*:*:*
bestpracticalrequest_tracker3.8.13cpe:2.3:a:bestpractical:request_tracker:3.8.13:*:*:*:*:*:*:*
bestpracticalrequest_tracker3.8.14cpe:2.3:a:bestpractical:request_tracker:3.8.14:*:*:*:*:*:*:*
bestpracticalrequest_tracker4.0.0cpe:2.3:a:bestpractical:request_tracker:4.0.0:*:*:*:*:*:*:*
Rows per page:
1-10 of 171

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

6.5

Confidence

Low

EPSS

0.001

Percentile

49.2%