VDB

DEBIAN-CVE-2012-4733

DEBIAN-CVE-2012-4733 PUBLISHED CVSS 8.600000381469727 HIGH

Request Tracker (RT) 4.x before 4.0.13 does not properly enforce the DeleteTicket and "custom lifecycle transition" permission, which allows remote authenticated users with the ModifyTicket permission to delete tickets via unspecified vectors.

Risk Scores

CVSS 4.0
8.600000381469727
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Affected Products

VendorProductVersions
Debian:11request-tracker40, 0, 0
Debian:12request-tracker40, 0, 0

Timeline

  • Aug 23, 2013 CVE Published
  • Apr 28, 2026 CVE Updated
Open in Interactive Console →
$ Console Community · 100/wk Open console ›