Lucene search
HistoryNov 11, 2012 - 1:00 p.m.
CVE-2012-4730
3.5 Low
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:S/C:P/I:N/A:N
5.8 Medium
AI Score
Confidence
Low
0.001 Low
EPSS
Percentile
42.3%
Request Tracker (RT) 3.8.x before 3.8.15 and 4.0.x before 4.0.8 allows remote authenticated users with ModifySelf or AdminUser privileges to inject arbitrary email headers and conduct phishing attacks or obtain sensitive information via unknown vectors.
Affected configurations
Node
bestpracticalrtMatch3.8.0
ORbestpracticalrtMatch3.8.0preflight1
ORbestpracticalrtMatch3.8.0rc1
ORbestpracticalrtMatch3.8.0rc2
ORbestpracticalrtMatch3.8.0rc3
ORbestpracticalrtMatch3.8.1
ORbestpracticalrtMatch3.8.1preflight0
ORbestpracticalrtMatch3.8.1rc1
ORbestpracticalrtMatch3.8.1rc2
ORbestpracticalrtMatch3.8.1rc3
ORbestpracticalrtMatch3.8.1rc4
ORbestpracticalrtMatch3.8.1rc5
ORbestpracticalrtMatch3.8.2
ORbestpracticalrtMatch3.8.2rc1
ORbestpracticalrtMatch3.8.2rc2
ORbestpracticalrtMatch3.8.3
ORbestpracticalrtMatch3.8.3rc1
ORbestpracticalrtMatch3.8.3rc2
ORbestpracticalrtMatch3.8.4
ORbestpracticalrtMatch3.8.4rc1
ORbestpracticalrtMatch3.8.5
ORbestpracticalrtMatch3.8.6
ORbestpracticalrtMatch3.8.6rc1
ORbestpracticalrtMatch3.8.7
ORbestpracticalrtMatch3.8.7rc1
ORbestpracticalrtMatch3.8.8
ORbestpracticalrtMatch3.8.8rc2
ORbestpracticalrtMatch3.8.8rc3
ORbestpracticalrtMatch3.8.8rc4
ORbestpracticalrtMatch3.8.9
ORbestpracticalrtMatch3.8.9rc1
ORbestpracticalrtMatch3.8.9rc2
ORbestpracticalrtMatch3.8.9rc3
ORbestpracticalrtMatch3.8.10
ORbestpracticalrtMatch3.8.10rc1
ORbestpracticalrtMatch3.8.11
ORbestpracticalrtMatch3.8.11rc1
ORbestpracticalrtMatch3.8.11rc2
ORbestpracticalrtMatch3.8.12
ORbestpracticalrtMatch3.8.13rc1
ORbestpracticalrtMatch3.8.13rc2
ORbestpracticalrtMatch3.8.14rc1
ORbestpracticalrtMatch4.0.0
ORbestpracticalrtMatch4.0.0rc1
ORbestpracticalrtMatch4.0.0rc2
ORbestpracticalrtMatch4.0.0rc3
ORbestpracticalrtMatch4.0.0rc4
ORbestpracticalrtMatch4.0.0rc5
ORbestpracticalrtMatch4.0.0rc6
ORbestpracticalrtMatch4.0.0rc7
ORbestpracticalrtMatch4.0.0rc8
ORbestpracticalrtMatch4.0.1
ORbestpracticalrtMatch4.0.1rc1
ORbestpracticalrtMatch4.0.1rc2
ORbestpracticalrtMatch4.0.2
ORbestpracticalrtMatch4.0.2rc1
ORbestpracticalrtMatch4.0.2rc2
ORbestpracticalrtMatch4.0.3
ORbestpracticalrtMatch4.0.3rc1
ORbestpracticalrtMatch4.0.3rc2
ORbestpracticalrtMatch4.0.4
ORbestpracticalrtMatch4.0.5
ORbestpracticalrtMatch4.0.5rc1
ORbestpracticalrtMatch4.0.6
ORbestpracticalrtMatch4.0.7rc1
ORbestpracticalrtMatch4.0.8rc1
ORbestpracticalrtMatch4.0.8rc2
Related
cve
cve
CVE-2012-4730
2022-10-03 16:15:34
cvelist
cvelist
CVE-2012-4730
2022-10-03 16:15:34
debiancve
debiancve
CVE-2012-4730
2022-10-03 16:15:34
prion
prion
Cross site request forgery (csrf)
2012-11-11 13:00:00
ubuntucve
ubuntucve
CVE-2012-4730
2012-11-11 00:00:00
fedora
fedora
[SECURITY] Fedora 18 Update: rt3-3.8.15-1.fc18
2012-11-08 05:43:51
[SECURITY] Fedora 16 Update: rt3-3.8.15-1.fc16
2012-11-08 01:53:54
[SECURITY] Fedora 17 Update: rt3-3.8.15-1.fc17
2012-11-08 01:55:15
openvas
openvas
Fedora Update for rt3 FEDORA-2012-17218
2012-11-09 00:00:00
Debian Security Advisory DSA 2567-1 (request-tracker3.8)
2012-10-29 00:00:00
Fedora Update for rt3 FEDORA-2012-17218
2012-11-09 00:00:00
debian
debian
[SECURITY] [DSA 2567-1] request-tracker3.8 security update
2012-10-26 20:12:00
securityvulns
securityvulns
[SECURITY] [DSA 2567-1] request-tracker3.8 security update
2012-10-30 00:00:00
freebsd
freebsd
RT -- Multiple Vulnerabilities
2012-10-26 00:00:00
osv
osv
request-tracker3.8 - several
2012-10-26 00:00:00
nessus
nessus
Debian DSA-2567-1 : request-tracker3.8 - several vulnerabilities
2012-10-29 00:00:00
Fedora 18 : rt3-3.8.15-1.fc18 (2012-17143)
2012-11-08 00:00:00
3.5 Low
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:S/C:P/I:N/A:N
5.8 Medium
AI Score
Confidence
Low
0.001 Low
EPSS
Percentile
42.3%
Related for NVD:CVE-2012-4730