Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-4731

Overview

Vulnerability Score 4.0 4.0
CVE Id CVE-2012-4731
Last Modified 28 Dec 2012 12:00:00
Published 11 Nov 2012 08:00:59
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication SINGLE_INSTANCE

CVE-2012-4731

Summary

FAQ manager for Request Tracker (RTFM) before 2.4.5 does not properly check user rights, which allows remote authenticated users to create arbitrary articles in arbitrary classes via unknown vectors.

Vulnerable Systems

Application

  • Bestpractical Rtfm 2.2.0

  • Bestpractical Rtfm 2.2.1

  • Bestpractical Rtfm 2.2.2

  • Bestpractical Rtfm 2.4.0

  • Bestpractical Rtfm 2.4.1

  • Bestpractical Rtfm 2.4.2

  • Bestpractical Rtfm 2.4.3


References

DEBIAN - DSA-2568

SECUNIA - 51111

SECUNIA - 51062

MLIST - [rt-announce] 20121025 RTFM 2.4.5 Released

MLIST - [rt-announce] 20121025 Security vulnerabilities in RT


Last Updated: 27 May 2016 10:53:44