Back to search
CVE-2012-6578
Published: Jul 24, 2013
Modified: Sep 17, 2024
PUBLISHED
Description
Best Practical Solutions RT 3.8.x before 3.8.15 and 4.0.x before 4.0.8, when GnuPG is enabled with a "Sign by default" queue configuration, uses a queue's key for signing, which might allow remote attackers to spoof messages by leveraging the lack of authentication semantics.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
[rt-announce] 20121025 Security vulnerabilities in RT
mailing-list
x_refsource_MLIST
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now