VDB
DEBIAN-CVE-2012-4733
DEBIAN-CVE-2012-4733
PUBLISHED
CVSS 8.600000381469727 HIGH
Request Tracker (RT) 4.x before 4.0.13 does not properly enforce the DeleteTicket and "custom lifecycle transition" permission, which allows remote authenticated users with the ModifyTicket permission to delete tickets via unspecified vectors.
Risk Scores
CVSS 4.0
8.600000381469727
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Debian:11 | request-tracker4 | 0, 0, 0 |
| Debian:12 | request-tracker4 | 0, 0, 0 |
Timeline
- Aug 23, 2013 CVE Published
- Apr 28, 2026 CVE Updated