Vulnerability Description
Vulnerability in Best Practical Solutions, LLC's Request Tracker prior to v5.0.8, where the Triple DES (3DES) cryptographic algorithm is used to protect emails sent with S/MIME encryption. Triple DES is considered obsolete and insecure due to its susceptibility to birthday attacks, which could compromise the confidentiality of encrypted messages.
Related Weaknesses (CWE)
References
- https://www.incibe.es/en/incibe-cert/notices/aviso/cryptographic-algorithm-not-r
- https://docs.bestpractical.com/release-notes/rt/4.4.8
- https://docs.bestpractical.com/release-notes/rt/5.0.8
- https://lists.debian.org/debian-lts-announce/2025/05/msg00009.html
FAQ
What is CVE-2025-2545?
CVE-2025-2545 is a documented vulnerability. Vulnerability in Best Practical Solutions, LLC's Request Tracker prior to v5.0.8, where the Triple DES (3DES) cryptographic algorithm is used to protect emails sent with S/MIME encryption. Triple DES ...
How severe is CVE-2025-2545?
CVSS scoring is not yet available for CVE-2025-2545. Check NVD for updates.
Is there a patch for CVE-2025-2545?
Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.