CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
AI Score
Confidence
Low
EPSS
Percentile
73.5%
RT (aka Request Tracker) 3.8.8 through 4.x before 4.0.23 and 4.2.x before 4.2.10 allows remote attackers to obtain sensitive RSS feed URLs and ticket data via unspecified vectors.
Vendor | Product | Version | CPE |
---|---|---|---|
debian | debian_linux | 7.0 | cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:* |
fedoraproject | fedora | 21 | cpe:2.3:o:fedoraproject:fedora:21:*:*:*:*:*:*:* |
fedoraproject | fedora | 22 | cpe:2.3:o:fedoraproject:fedora:22:*:*:*:*:*:*:* |
bestpractical | request_tracker | 3.8.8 | cpe:2.3:a:bestpractical:request_tracker:3.8.8:*:*:*:*:*:*:* |
bestpractical | request_tracker | 3.8.9 | cpe:2.3:a:bestpractical:request_tracker:3.8.9:*:*:*:*:*:*:* |
bestpractical | request_tracker | 3.8.10 | cpe:2.3:a:bestpractical:request_tracker:3.8.10:*:*:*:*:*:*:* |
bestpractical | request_tracker | 3.8.11 | cpe:2.3:a:bestpractical:request_tracker:3.8.11:*:*:*:*:*:*:* |
bestpractical | request_tracker | 3.8.12 | cpe:2.3:a:bestpractical:request_tracker:3.8.12:*:*:*:*:*:*:* |
bestpractical | request_tracker | 3.8.13 | cpe:2.3:a:bestpractical:request_tracker:3.8.13:*:*:*:*:*:*:* |
bestpractical | request_tracker | 3.8.14 | cpe:2.3:a:bestpractical:request_tracker:3.8.14:*:*:*:*:*:*:* |