4
CVE-2012-4731
- EPSS 1.66%
- Veröffentlicht 11.11.2012 13:00:59
- Zuletzt bearbeitet 16.06.2026 23:45:38
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
FAQ manager for Request Tracker (RTFM) before 2.4.5 does not properly check user rights, which allows remote authenticated users to create arbitrary articles in arbitrary classes via unknown vectors.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Bestpractical ≫ Rtfm Version <= 2.4.3
Bestpractical ≫ Rtfm Version2.2.0
Bestpractical ≫ Rtfm Version2.2.1
Bestpractical ≫ Rtfm Version2.2.2
Bestpractical ≫ Rtfm Version2.4.0
Bestpractical ≫ Rtfm Version2.4.1
Bestpractical ≫ Rtfm Version2.4.2
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.66% | 0.736 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 4 | 8 | 2.9 |
AV:N/AC:L/Au:S/C:N/I:P/A:N
|
http://lists.bestpractical.com/pipermail/rt-announce/2012-October/000212.html
http://lists.bestpractical.com/pipermail/rt-announce/2012-October/000215.html
http://secunia.com/advisories/51062
http://secunia.com/advisories/51111
http://www.debian.org/security/2012/dsa-2568