CVE-2012-4731

Sažetak

FAQ manager for Request Tracker (RTFM) before 2.4.5 does not properly check user rights, which allows remote authenticated users to create arbitrary articles in arbitrary classes via unknown vectors.

Reference

http://lists.bestpractical.com/pipermail/rt-announce/2012-October/000212.html
http://lists.bestpractical.com/pipermail/rt-announce/2012-October/000215.html
http://secunia.com/advisories/51062
http://secunia.com/advisories/51111
http://www.debian.org/security/2012/dsa-2568

CVSS

Base:	4.0
Impact:	2.9
Exploitability:	8.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	SINGLE

Impact

Povjerljivost	Cjelovitost	Dostupnost
NONE	PARTIAL	NONE

CVSS vektor

AV:N/AC:L/Au:S/C:N/I:P/A:N

Zadnje važnije ažuriranje

28-12-2012 - 05:00

Objavljeno

11-11-2012 - 13:00