CVE-2011-2084
EPSS 0.31%
Description
Best Practical Solutions RT 3.x before 3.8.12 and 4.x before 4.0.6 allows remote authenticated users to read (1) hashes of former passwords and (2) ticket correspondence history by leveraging access to a privileged account.
How to fix CVE-2011-2084
To remediate CVE-2011-2084, upgrade the affected package to the fixed version listed below.
- Debian/request-tracker4—upgrade to 4.0.5-3 or later
Is CVE-2011-2084 being exploited?
Low — EPSS is 0.3%, meaning exploitation activity has not been observed at scale.
Affected packages (1)
- Debian/request-tracker4: from 0, < 4.0.5-3