CVE-2011-4459
N/A
N/A
Summary
Best Practical Solutions RT 3.x before 3.8.12 and 4.x before 4.0.6 does not properly disable groups, which allows remote authenticated users to bypass intended access restrictions in opportunistic circumstances by leveraging a group membership.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- http://lists.bestpractical.com/pipermail/rt-announce/2012-May/000203.html
- http://secunia.com/advisories/49259
- http://lists.bestpractical.com/pipermail/rt-announce/2012-May/000204.html
- http://lists.bestpractical.com/pipermail/rt-announce/2012-May/000202.html
- http://www.securityfocus.com/bid/53660
References
- http://lists.bestpractical.com/pipermail/rt-announce/2012-May/000203.html
- http://secunia.com/advisories/49259
- http://lists.bestpractical.com/pipermail/rt-announce/2012-May/000204.html
- http://lists.bestpractical.com/pipermail/rt-announce/2012-May/000202.html
- http://www.securityfocus.com/bid/53660
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.