CVE-2013-3370 — Request-tracker4 vulnerability
Severity
6.8MEDIUMNVD
EPSS
1.1%
top 21.62%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedAug 23
Latest updateMay 17
Description
Request Tracker (RT) 3.8.x before 3.8.17 and 4.0.x before 4.0.13 does not properly restrict access to private callback components, which allows remote attackers to have an unspecified impact via a direct request.
CVSS vector
AV:N/AC:M/C:P/I:P/A:PExploitability: 8.6 | Impact: 6.4