CVE-2011-4459
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2011-4459
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2011-4459.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2011-4459
- Published
- 2012-06-04T19:55:01Z
- Modified
- 2025-04-11T04:00:06Z
- Downstream
- Summary
- [none]
- Details
-
Best Practical Solutions RT 3.x before 3.8.12 and 4.x before 4.0.6 does not properly disable groups, which allows remote authenticated users to bypass intended access restrictions in opportunistic circumstances by leveraging a group membership.
- References
-
- http://lists.bestpractical.com/pipermail/rt-announce/2012-May/000202.html
- http://secunia.com/advisories/49259
- http://lists.bestpractical.com/pipermail/rt-announce/2012-May/000203.html
- http://lists.bestpractical.com/pipermail/rt-announce/2012-May/000204.html
- http://www.securityfocus.com/bid/53660
- https://security-tracker.debian.org/tracker/CVE-2011-4459
Affected packages
Debian:11 / request-tracker4
Package
- Name
- request-tracker4
- Purl
- pkg:deb/debian/request-tracker4?arch=source
Debian:12 / request-tracker4
Package
- Name
- request-tracker4
- Purl
- pkg:deb/debian/request-tracker4?arch=source