VDB
CVE-2011-4459
CVE-2011-4459
PUBLISHED
CVSS 3.5 LOW
Best Practical Solutions RT 3.x before 3.8.12 and 4.x before 4.0.6 does not properly disable groups, which allows remote authenticated users to bypass intended access restrictions in opportunistic circumstances by leveraging a group membership.
EPSS 0.26% · 49.6th percentile
Risk Scores
CVSS 2.0
3.5
EPSS Score
0.26%
49.6th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| bestpractical | rt | 3.6.2, 3.0.3, 3.0.0 |
| n/a | n/a | * |
Timeline
- Jun 4, 2012 CVE Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- May 17, 2022 CVE Updated
- May 20, 2022 EPSS Score
- Jul 12, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
- Oct 26, 2022 EPSS Score
- Dec 18, 2022 EPSS Score
- Feb 9, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Apr 2, 2023 EPSS Score
References
- [rt-announce] 20120522 RT 3.8.12 Released - Security Release mailing-list
- 49259 third-party-advisory
- [rt-announce] 20120522 RT 4.0.6 Released - Security Release mailing-list
- [rt-announce] 20120522 Security vulnerabilities in RT mailing-list
- 53660 vdb
- https://nvd.nist.gov/vuln/detail/CVE-2011-4459 advisory