CVE-2025-2545

Published: May 5, 2025

Modified: Nov 3, 2025

PUBLISHED

Description

Vulnerability in Best Practical Solutions, LLC's Request Tracker prior to v5.0.8, where the Triple DES (3DES) cryptographic algorithm is used to protect emails sent with S/MIME encryption. Triple DES is considered obsolete and insecure due to its susceptibility to birthday attacks, which could compromise the confidentiality of encrypted messages.

Vendor	Product	Versions
Best Practical Solutions	Request Tracker	affected `0 - < 5.0.8`

Weaknesses (CWE)

CWE-327

References

https://www.incibe.es/en/incibe-cert/notices/aviso/cryptographic-algorithm-not-recommended-request-tracker-best-practical

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2025-2545

Description

Affected Products

Weaknesses (CWE)

References