icon

We found results for “

CVE-2012-4733

Good to know:

icon

Date: August 23, 2013

Request Tracker (RT) 4.x before 4.0.13 does not properly enforce the DeleteTicket and "custom lifecycle transition" permission, which allows remote authenticated users with the ModifyTicket permission to delete tickets via unspecified vectors.

Language: Perl

Severity Score

Severity Score

Weakness Type (CWE)

Credentials Management

CWE-255

Top Fix

icon

Upgrade Version

Upgrade to version rt-4.0.13

Learn More

CVSS v2

Base Score:
Access Vector (AV): NETWORK
Access Complexity (AC): MEDIUM
Authentication (AU): SINGLE
Confidentiality (C): PARTIAL
Integrity (I): PARTIAL
Availability (A): PARTIAL
Additional information:

Do you need more information?

Contact Us