First published: Fri Apr 22 2011(Updated: )
Best Practical Solutions RT 3.0.0 through 3.6.10, 3.8.0 through 3.8.9, and 4.0.0rc through 4.0.0rc7 allows remote authenticated users to obtain sensitive information by using the search interface, as demonstrated by retrieving encrypted passwords.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Best Practical Solutions Request Tracker | =3.0.4 | |
Best Practical Solutions Request Tracker | =3.0.8 | |
Best Practical Solutions Request Tracker | =3.4.5 | |
Best Practical Solutions Request Tracker | =3.0.2 | |
Best Practical Solutions Request Tracker | =3.6.7 | |
Best Practical Solutions Request Tracker | =3.6.2 | |
Best Practical Solutions Request Tracker | =3.2.2 | |
Best Practical Solutions Request Tracker | =3.6.3 | |
Best Practical Solutions Request Tracker | =3.0.11 | |
Best Practical Solutions Request Tracker | =3.6.0 | |
Best Practical Solutions Request Tracker | =3.4.0 | |
Best Practical Solutions Request Tracker | =3.0.10 | |
Best Practical Solutions Request Tracker | =3.6.10 | |
Best Practical Solutions Request Tracker | =3.2.3 | |
Best Practical Solutions Request Tracker | =3.0.5 | |
Best Practical Solutions Request Tracker | =3.2.0 | |
Best Practical Solutions Request Tracker | =3.0.0 | |
Best Practical Solutions Request Tracker | =3.4.6 | |
Best Practical Solutions Request Tracker | =3.0.3 | |
Best Practical Solutions Request Tracker | =3.4.3 | |
Best Practical Solutions Request Tracker | =3.6.9 | |
Best Practical Solutions Request Tracker | =3.6.6 | |
Best Practical Solutions Request Tracker | =3.6.5 | |
Best Practical Solutions Request Tracker | =3.0.1 | |
Best Practical Solutions Request Tracker | =3.2.1 | |
Best Practical Solutions Request Tracker | =3.4.4 | |
Best Practical Solutions Request Tracker | =3.6.8 | |
Best Practical Solutions Request Tracker | =3.0.6 | |
Best Practical Solutions Request Tracker | =3.0.7 | |
Best Practical Solutions Request Tracker | =3.0.7.1 | |
Best Practical Solutions Request Tracker | =3.0.12 | |
Best Practical Solutions Request Tracker | =3.0.9 | |
Best Practical Solutions Request Tracker | =3.6.1 | |
Best Practical Solutions Request Tracker | =3.4.1 | |
Best Practical Solutions Request Tracker | =3.6.4 | |
Best Practical Solutions Request Tracker | =3.4.2 | |
Best Practical Solutions Request Tracker | =3.8.7 | |
Best Practical Solutions Request Tracker | =3.8.9-rc2 | |
Best Practical Solutions Request Tracker | =3.8.8-rc2 | |
Best Practical Solutions Request Tracker | =3.8.9-rc1 | |
Best Practical Solutions Request Tracker | =3.8.2 | |
Best Practical Solutions Request Tracker | =3.8.8-rc4 | |
Best Practical Solutions Request Tracker | =3.8.0 | |
Best Practical Solutions Request Tracker | =3.8.9 | |
Best Practical Solutions Request Tracker | =3.8.8-rc3 | |
Best Practical Solutions Request Tracker | =3.8.9-rc3 | |
Best Practical Solutions Request Tracker | =3.8.5 | |
Best Practical Solutions Request Tracker | =3.8.6-rc1 | |
Best Practical Solutions Request Tracker | =3.8.8 | |
Best Practical Solutions Request Tracker | =3.8.3 | |
Best Practical Solutions Request Tracker | =3.8.6 | |
Best Practical Solutions Request Tracker | =3.8.1 | |
Best Practical Solutions Request Tracker | =3.8.4 | |
Best Practical Solutions Request Tracker | =3.8.7-rc1 | |
Best Practical Solutions Request Tracker | =4.0.0-rc4 | |
Best Practical Solutions Request Tracker | =4.0.0-rc7 | |
Best Practical Solutions Request Tracker | =4.0.0-rc3 | |
Best Practical Solutions Request Tracker | =4.0.0-rc6 | |
Best Practical Solutions Request Tracker | =4.0.0-rc5 | |
Best Practical Solutions Request Tracker | =4.0.0-rc2 | |
Best Practical Solutions Request Tracker | =4.0.0-rc1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The severity of CVE-2011-1687 is classified as high due to the potential exposure of sensitive information.
To fix CVE-2011-1687, upgrade to the latest version of Best Practical Solutions Request Tracker that has addressed this vulnerability.
CVE-2011-1687 affects Best Practical Solutions RT versions 3.0.0 through 3.6.10 and 3.8.x up to 3.8.9, as well as 4.0.0rc versions through 4.0.0rc7.
Attackers can exploit CVE-2011-1687 to obtain sensitive data, including encrypted passwords, through the search interface.
Yes, CVE-2011-1687 can be exploited by remote authenticated users to access sensitive information.