CVE-2011-1690RT vulnerability

CWE-2553 documents3 sources
Severity
4.3MEDIUMNVD
EPSS
0.8%
top 25.54%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Bestpractical RT
Timeline
PublishedApr 22
Latest updateMay 17

Description

Best Practical Solutions RT 3.6.0 through 3.6.10 and 3.8.0 through 3.8.8 allows remote attackers to trick users into sending credentials to an arbitrary server via unspecified vectors.

CVSS vector

AV:N/AC:M/C:N/I:P/A:NExploitability: 8.6 | Impact: 2.9

Affected Packages1 packages

NVDbestpractical/rt20 versions+19

Patches

Patch: lists.bestpractical.comPatch: lists.bestpractical.comPatch: lists.bestpractical.com

🔴Vulnerability Details

1
GHSA
GHSA-9hr3-v7cg-39j6: Best Practical Solutions RT 32022-05-17

💬Community

1
Bugzilla
CVE-2011-1685 CVE-2011-1686 CVE-2011-1687 CVE-2011-1688 CVE-2011-1689 CVE-2011-1690 rt3: several security flaws fixed in 3.6.11, 3.8.102011-04-14
CVE-2011-1690 — Bestpractical RT vulnerability | cvebase