What is the severity of CVE-2011-2082?

CVE-2011-2082 has a medium severity rating due to its potential to allow unauthorized access to password information for disabled accounts.

How do I fix CVE-2011-2082?

To fix CVE-2011-2082, upgrade to RT version 3.8.12 or later, or 4.0.6 or later.

What versions are affected by CVE-2011-2082?

CVE-2011-2082 affects Best Practical Solutions RT versions prior to 3.8.12 and 4.0.6.

Who is affected by CVE-2011-2082?

User accounts that are disabled in the affected RT versions are vulnerable to attacks that can exploit this issue.

What is the impact of CVE-2011-2082?

The impact of CVE-2011-2082 is that it can lead to the exposure of cleartext passwords for disabled users, which may be exploited by context-dependent attackers.

Vulnerability/
CVE-2011-2082

medium

CWE

255

4/6/2012

6/8/2024

CVE-2011-2082

First published: Mon Jun 04 2012(Updated: )

The vulnerable-passwords script in Best Practical Solutions RT 3.x before 3.8.12 and 4.x before 4.0.6 does not update the password-hash algorithm for disabled user accounts, which makes it easier for context-dependent attackers to determine cleartext passwords, and possibly use these passwords after accounts are re-enabled, via a brute-force attack on the database. NOTE: this vulnerability exists because of an incomplete fix for CVE-2011-0009.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
Bestpractical Rt	=3.8.7
Bestpractical Rt	=3.5.5
Bestpractical Rt	=3.0.4
Bestpractical Rt	=3.2.1-rc1
Bestpractical Rt	=3.6.0-pre1
Bestpractical Rt	=3.8.9-rc2
Bestpractical Rt	=3.4.0-rc2
Bestpractical Rt	=3.0.8
Bestpractical Rt	=3.8.11
Bestpractical Rt	=3.4.2-rc2
Bestpractical Rt	=3.6.4-rc2
Bestpractical Rt	=3.8.8-rc2
Bestpractical Rt	=3.2.1-rc3
Bestpractical Rt	=3.8.9-rc1
Bestpractical Rt	=3.2.0-rc4
Bestpractical Rt	=3.1.2
Bestpractical Rt	=3.4.2-rc1
Bestpractical Rt	=3.6.6-rc1
Bestpractical Rt	=3.4.5
Bestpractical Rt	=3.0.2
Bestpractical Rt	=3.5.4
Bestpractical Rt	=3.6.7
Bestpractical Rt	=3.0.10-rc1
Bestpractical Rt	=3.6.2
Bestpractical Rt	=3.4.5-rc2
Bestpractical Rt	=3.2.2
Bestpractical Rt	=3.6.3
Bestpractical Rt	=3.1.6
Bestpractical Rt	=3.0.11
Bestpractical Rt	=3.8.2
Bestpractical Rt	=3.8.8-rc4
Bestpractical Rt	=3.6.2-rc1
Bestpractical Rt	=3.1.11
Bestpractical Rt	=3.6.0-pre0
Bestpractical Rt	=3.1.10
Bestpractical Rt	=3.0.10-pre2
Bestpractical Rt	=3.6.5-rc1
Bestpractical Rt	=3.6.0
Bestpractical Rt	=3.6.6-rc2
Bestpractical Rt	=3.8.0
Bestpractical Rt	=3.4.0-rc5
Bestpractical Rt	=3.4.0
Bestpractical Rt	=3.6.3-rc4
Bestpractical Rt	=3.8.1-rc1
Bestpractical Rt	=3.8.10
Bestpractical Rt	=3.1.7
Bestpractical Rt	=3.4.4-pre2
Bestpractical Rt	=3.8.3-rc1
Bestpractical Rt	=3.8.9
Bestpractical Rt	=3.1.13
Bestpractical Rt	=3.4.7-rc1
Bestpractical Rt	=3.4.0-rc3
Bestpractical Rt	=3.6.5-rc2
Bestpractical Rt	=3.8.2-rc2
Bestpractical Rt	=3.8.0-rc1
Bestpractical Rt	=3.4.0-rc4
Bestpractical Rt	=3.0.10
Bestpractical Rt	=3.8.8-rc3
Bestpractical Rt	=3.8.2-rc1
Bestpractical Rt	=3.6.10
Bestpractical Rt	=3.0.10-pre1
Bestpractical Rt	=3.1.16
Bestpractical Rt	=3.2.3
Bestpractical Rt	=3.2.2-rc1
Bestpractical Rt	=3.6.3-rc2
Bestpractical Rt	=3.5.3
Bestpractical Rt	=3.0.5
Bestpractical Rt	=3.2.0
Bestpractical Rt	=3.8.9-rc3
Bestpractical Rt	=3.0.0
Bestpractical Rt	=3.4.6
Bestpractical Rt	=3.0.3
Bestpractical Rt	=3.4.3
Bestpractical Rt	=3.6.9
Bestpractical Rt	=3.6.6
Bestpractical Rt	=3.6.1-rc2
Bestpractical Rt	=3.6.5
Bestpractical Rt	=3.8.1-rc3
Bestpractical Rt	=3.4.3-rc2
Bestpractical Rt	=3.4.0-rc6
Bestpractical Rt	=3.6.2-rc3
Bestpractical Rt	=3.4.5-pre1
Bestpractical Rt	=3.8.4-rc1
Bestpractical Rt	=3.0.1
Bestpractical Rt	=3.8.1-rc4
Bestpractical Rt	=3.4.4-pre3
Bestpractical Rt	=3.2.1
Bestpractical Rt	=3.8.5
Bestpractical Rt	=3.6.6-rc3
Bestpractical Rt	=3.2.3-rc2
Bestpractical Rt	=3.4.4
Bestpractical Rt	=3.0.11-rc4
Bestpractical Rt	=3.5.6
Bestpractical Rt	=3.6.4-rc1
Bestpractical Rt	=3.6.8
Bestpractical Rt	=3.0.6
Bestpractical Rt	=3.2.1-rc2
Bestpractical Rt	=3.8.1-rc5
Bestpractical Rt	=3.1.8
Bestpractical Rt	=3.4.6-rc2
Bestpractical Rt	=3.4.3-rc1
Bestpractical Rt	=3.6.3-rc1
Bestpractical Rt	=3.6.0-rc1
Bestpractical Rt	=3.8.6-rc1
Bestpractical Rt	=3.2.0-rc2
Bestpractical Rt	=3.1.12
Bestpractical Rt	=3.1.5
Bestpractical Rt	=3.8.8
Bestpractical Rt	=3.8.0-rc3
Bestpractical Rt	=3.8.0-rc2
Bestpractical Rt	=3.2.0-rc1
Bestpractical Rt	=3.1.17
Bestpractical Rt	=3.0.7
Bestpractical Rt	=3.2.0-rc3
Bestpractical Rt	=3.7.86
Bestpractical Rt	=3.0.7.1
Bestpractical Rt	=3.6.3-rc3
Bestpractical Rt	=3.7.80
Bestpractical Rt	=3.1.15
Bestpractical Rt	=3.0.12
Bestpractical Rt	=3.6.2-rc4
Bestpractical Rt	=3.0.9
Bestpractical Rt	=3.4.4-pre1
Bestpractical Rt	=3.8.3
Bestpractical Rt	=3.7.1
Bestpractical Rt	=3.1.3
Bestpractical Rt	=3.6.1
Bestpractical Rt	=3.4.0-rc1
Bestpractical Rt	=3.4.1
Bestpractical Rt	=3.4.5-rc1
Bestpractical Rt	=3.2.3-rc1
Bestpractical Rt	=3.8.6
Bestpractical Rt	=3.6.4
Bestpractical Rt	=3.5.7
Bestpractical Rt	=3.6.0-rc3
Bestpractical Rt	=3.8.1
Bestpractical Rt	=3.8.4
Bestpractical Rt	=3.7.5
Bestpractical Rt	=3.8.1-rc2
Bestpractical Rt	=3.7.85
Bestpractical Rt	=3.6.1-rc1
Bestpractical Rt	=3.8.3-rc2
Bestpractical Rt	=3.6.2-rc5
Bestpractical Rt	=3.4.6-rc1
Bestpractical Rt	=3.6.1-pre2
Bestpractical Rt	=3.0.11-rc2
Bestpractical Rt	=3.2.1-rc4
Bestpractical Rt	=3.5.2
Bestpractical Rt	=3.6.0-rc2
Bestpractical Rt	=3.1.4
Bestpractical Rt	=3.0.11-rc3
Bestpractical Rt	=3.8.7-rc1
Bestpractical Rt	=3.1.14
Bestpractical Rt	=3.4.2
Bestpractical Rt	=3.5.1
Bestpractical Rt	=4.0.0-rc4
Bestpractical Rt	=4.0.3
Bestpractical Rt	=4.0.0-rc7
Bestpractical Rt	=4.0.1
Bestpractical Rt	=4.0.0-rc3
Bestpractical Rt	=4.0.0-rc8
Bestpractical Rt	=4.0.0-rc6
Bestpractical Rt	=4.0.0-rc5
Bestpractical Rt	=4.0.4
Bestpractical Rt	=4.0.0-rc2
Bestpractical Rt	=4.0.0
Bestpractical Rt	=3.8.12
Bestpractical Rt	=4.0.2
Bestpractical Rt	=4.0.0-rc1
Bestpractical Rt	=4.0.5

Remedy

http://lists.bestpractical.com/pipermail/rt-announce/2012-May/000203.html

Remedy

http://lists.bestpractical.com/pipermail/rt-announce/2012-May/000204.html

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2011-2082?
CVE-2011-2082 has a medium severity rating due to its potential to allow unauthorized access to password information for disabled accounts.
How do I fix CVE-2011-2082?
To fix CVE-2011-2082, upgrade to RT version 3.8.12 or later, or 4.0.6 or later.
What versions are affected by CVE-2011-2082?
CVE-2011-2082 affects Best Practical Solutions RT versions prior to 3.8.12 and 4.0.6.
Who is affected by CVE-2011-2082?
User accounts that are disabled in the affected RT versions are vulnerable to attacks that can exploit this issue.
What is the impact of CVE-2011-2082?
The impact of CVE-2011-2082 is that it can lead to the exposure of cleartext passwords for disabled users, which may be exploited by context-dependent attackers.

collector/nvd-historical
collector/nvd-index
agent/type
agent/softwarecombine
agent/remedy
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/references
agent/severity
agent/weakness
agent/author
agent/tags
agent/event
agent/first-publish-date
agent/description
agent/source
vendor/bestpractical
canonical/bestpractical rt
version/bestpractical rt/3.8.7
version/bestpractical rt/3.5.5
version/bestpractical rt/3.0.4
version/bestpractical rt/3.2.1-rc1
version/bestpractical rt/3.6.0-pre1
version/bestpractical rt/3.8.9-rc2
version/bestpractical rt/3.4.0-rc2
version/bestpractical rt/3.0.8
version/bestpractical rt/3.8.11
version/bestpractical rt/3.4.2-rc2
version/bestpractical rt/3.6.4-rc2
version/bestpractical rt/3.8.8-rc2
version/bestpractical rt/3.2.1-rc3
version/bestpractical rt/3.8.9-rc1
version/bestpractical rt/3.2.0-rc4
version/bestpractical rt/3.1.2
version/bestpractical rt/3.4.2-rc1
version/bestpractical rt/3.6.6-rc1
version/bestpractical rt/3.4.5
version/bestpractical rt/3.0.2
version/bestpractical rt/3.5.4
version/bestpractical rt/3.6.7
version/bestpractical rt/3.0.10-rc1
version/bestpractical rt/3.6.2
version/bestpractical rt/3.4.5-rc2
version/bestpractical rt/3.2.2
version/bestpractical rt/3.6.3
version/bestpractical rt/3.1.6
version/bestpractical rt/3.0.11
version/bestpractical rt/3.8.2
version/bestpractical rt/3.8.8-rc4
version/bestpractical rt/3.6.2-rc1
version/bestpractical rt/3.1.11
version/bestpractical rt/3.6.0-pre0
version/bestpractical rt/3.1.10
version/bestpractical rt/3.0.10-pre2
version/bestpractical rt/3.6.5-rc1
version/bestpractical rt/3.6.0
version/bestpractical rt/3.6.6-rc2
version/bestpractical rt/3.8.0
version/bestpractical rt/3.4.0-rc5
version/bestpractical rt/3.4.0
version/bestpractical rt/3.6.3-rc4
version/bestpractical rt/3.8.1-rc1
version/bestpractical rt/3.8.10
version/bestpractical rt/3.1.7
version/bestpractical rt/3.4.4-pre2
version/bestpractical rt/3.8.3-rc1
version/bestpractical rt/3.8.9
version/bestpractical rt/3.1.13
version/bestpractical rt/3.4.7-rc1
version/bestpractical rt/3.4.0-rc3
version/bestpractical rt/3.6.5-rc2
version/bestpractical rt/3.8.2-rc2
version/bestpractical rt/3.8.0-rc1
version/bestpractical rt/3.4.0-rc4
version/bestpractical rt/3.0.10
version/bestpractical rt/3.8.8-rc3
version/bestpractical rt/3.8.2-rc1
version/bestpractical rt/3.6.10
version/bestpractical rt/3.0.10-pre1
version/bestpractical rt/3.1.16
version/bestpractical rt/3.2.3
version/bestpractical rt/3.2.2-rc1
version/bestpractical rt/3.6.3-rc2
version/bestpractical rt/3.5.3
version/bestpractical rt/3.0.5
version/bestpractical rt/3.2.0
version/bestpractical rt/3.8.9-rc3
version/bestpractical rt/3.0.0
version/bestpractical rt/3.4.6
version/bestpractical rt/3.0.3
version/bestpractical rt/3.4.3
version/bestpractical rt/3.6.9
version/bestpractical rt/3.6.6
version/bestpractical rt/3.6.1-rc2
version/bestpractical rt/3.6.5
version/bestpractical rt/3.8.1-rc3
version/bestpractical rt/3.4.3-rc2
version/bestpractical rt/3.4.0-rc6
version/bestpractical rt/3.6.2-rc3
version/bestpractical rt/3.4.5-pre1
version/bestpractical rt/3.8.4-rc1
version/bestpractical rt/3.0.1
version/bestpractical rt/3.8.1-rc4
version/bestpractical rt/3.4.4-pre3
version/bestpractical rt/3.2.1
version/bestpractical rt/3.8.5
version/bestpractical rt/3.6.6-rc3
version/bestpractical rt/3.2.3-rc2
version/bestpractical rt/3.4.4
version/bestpractical rt/3.0.11-rc4
version/bestpractical rt/3.5.6
version/bestpractical rt/3.6.4-rc1
version/bestpractical rt/3.6.8
version/bestpractical rt/3.0.6
version/bestpractical rt/3.2.1-rc2
version/bestpractical rt/3.8.1-rc5
version/bestpractical rt/3.1.8
version/bestpractical rt/3.4.6-rc2
version/bestpractical rt/3.4.3-rc1
version/bestpractical rt/3.6.3-rc1
version/bestpractical rt/3.6.0-rc1
version/bestpractical rt/3.8.6-rc1
version/bestpractical rt/3.2.0-rc2
version/bestpractical rt/3.1.12
version/bestpractical rt/3.1.5
version/bestpractical rt/3.8.8
version/bestpractical rt/3.8.0-rc3
version/bestpractical rt/3.8.0-rc2
version/bestpractical rt/3.2.0-rc1
version/bestpractical rt/3.1.17
version/bestpractical rt/3.0.7
version/bestpractical rt/3.2.0-rc3
version/bestpractical rt/3.7.86
version/bestpractical rt/3.0.7.1
version/bestpractical rt/3.6.3-rc3
version/bestpractical rt/3.7.80
version/bestpractical rt/3.1.15
version/bestpractical rt/3.0.12
version/bestpractical rt/3.6.2-rc4
version/bestpractical rt/3.0.9
version/bestpractical rt/3.4.4-pre1
version/bestpractical rt/3.8.3
version/bestpractical rt/3.7.1
version/bestpractical rt/3.1.3
version/bestpractical rt/3.6.1
version/bestpractical rt/3.4.0-rc1
version/bestpractical rt/3.4.1
version/bestpractical rt/3.4.5-rc1
version/bestpractical rt/3.2.3-rc1
version/bestpractical rt/3.8.6
version/bestpractical rt/3.6.4
version/bestpractical rt/3.5.7
version/bestpractical rt/3.6.0-rc3
version/bestpractical rt/3.8.1
version/bestpractical rt/3.8.4
version/bestpractical rt/3.7.5
version/bestpractical rt/3.8.1-rc2
version/bestpractical rt/3.7.85
version/bestpractical rt/3.6.1-rc1
version/bestpractical rt/3.8.3-rc2
version/bestpractical rt/3.6.2-rc5
version/bestpractical rt/3.4.6-rc1
version/bestpractical rt/3.6.1-pre2
version/bestpractical rt/3.0.11-rc2
version/bestpractical rt/3.2.1-rc4
version/bestpractical rt/3.5.2
version/bestpractical rt/3.6.0-rc2
version/bestpractical rt/3.1.4
version/bestpractical rt/3.0.11-rc3
version/bestpractical rt/3.8.7-rc1
version/bestpractical rt/3.1.14
version/bestpractical rt/3.4.2
version/bestpractical rt/3.5.1
version/bestpractical rt/4.0.0-rc4
version/bestpractical rt/4.0.3
version/bestpractical rt/4.0.0-rc7
version/bestpractical rt/4.0.1
version/bestpractical rt/4.0.0-rc3
version/bestpractical rt/4.0.0-rc8
version/bestpractical rt/4.0.0-rc6
version/bestpractical rt/4.0.0-rc5
version/bestpractical rt/4.0.4
version/bestpractical rt/4.0.0-rc2
version/bestpractical rt/4.0.0
version/bestpractical rt/3.8.12
version/bestpractical rt/4.0.2
version/bestpractical rt/4.0.0-rc1
version/bestpractical rt/4.0.5

CVE-2011-2082

Remedy

Remedy

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2011-2082?

How do I fix CVE-2011-2082?

What versions are affected by CVE-2011-2082?

Who is affected by CVE-2011-2082?

What is the impact of CVE-2011-2082?

Company

Resources

Contact

Frequently Asked Questions

What is the severity of CVE-2011-2082?

How do I fix CVE-2011-2082?

What versions are affected by CVE-2011-2082?

Who is affected by CVE-2011-2082?

What is the impact of CVE-2011-2082?