CVE-2011-2085 [Medium]

CVE-2011-2085 is rated Moderate Risk (49.1/100): CVSS Medium severity, with medium exploitation likelihood (EPSS 1.07%). Review affected assets and schedule remediation.

#	Date	Old EPSS score	New EPSS score	Delta (New - Old)
1	2026-06-15	0.29%	1.07%	+0.78%
2	2025-03-30	0.40%	0.29%	-0.10%
3	2025-03-29	—	0.40%	—

Date

Old EPSS score

New EPSS score

Delta (New - Old)

2026-06-15

0.29%

1.07%

+0.78%

2025-03-30

0.40%

0.29%

-0.10%

2025-03-29

—

0.40%

—

Base score	Version	Severity	Vector	Exploitability	Impact	Score source
6.8	2.0	MEDIUM	`AV:N/AC:M/Au:N/C:P/I:P/A:P` Click to expand Access vector (AV:N) Can be exploited remotely over network reachability. Access complexity (AC:M) Exploitation needs some favorable conditions, but not exceptional ones. Authentication (AU:N) No authentication is required. Confidentiality impact (C:P) Partial confidentiality impact. Integrity impact (I:P) Partial integrity impact. Availability impact (A:P) Partial availability impact.	8.6	6.4	[email protected]

Base score

Version

Severity

Vector

Exploitability

Impact

Score source

6.8

2.0

MEDIUM

AV:N/AC:M/Au:N/C:P/I:P/A:P Click to expand

Access vector (AV:N): Can be exploited remotely over network reachability.
Access complexity (AC:M): Exploitation needs some favorable conditions, but not exceptional ones.
Authentication (AU:N): No authentication is required.
Confidentiality impact (C:P): Partial confidentiality impact.
Integrity impact (I:P): Partial integrity impact.
Availability impact (A:P): Partial availability impact.

8.6

6.4

[email protected]

OS Trackers for CVE-2011-2085

vendor	priority	summary	link
`debian`	not yet assigned	CVE-2011-2085 not yet assigned priority: Debian including 1 source packages (request-tracker4), 2 status rows across 2 suites (bookworm, bullseye): resolved 2.	https://security-tracker.debian.org/tracker/CVE-2011-2085
`ubuntu`	medium	CVE-2011-2085 medium priority: Ubuntu including 4 source packages (request-tracker3.6, request-tracker3.8, request-tracker4, rt), 64 status rows across 16 suites (hardy, lucid, natty, oneiric, precise, quantal, raring, saucy, trusty, upstream, utopic, vivid, wily, xenial, yakkety, zesty): DNE 44, not-affected 9, ignored 4, released 4, needs-triage 3.	https://ubuntu.com/security/CVE-2011-2085

Affected software / configurations for CVE-2011-2085

Vendor	Product	Version	Raw CPE
bestpractical	rt	<= 3.8.11	cpe:2.3:a:bestpractical:rt::::::::
bestpractical	rt	1.0.0	cpe:2.3:a:bestpractical:rt:1.0.0:::::::*
bestpractical	rt	1.0.1	cpe:2.3:a:bestpractical:rt:1.0.1:::::::*
bestpractical	rt	1.0.2	cpe:2.3:a:bestpractical:rt:1.0.2:::::::*
bestpractical	rt	1.0.3	cpe:2.3:a:bestpractical:rt:1.0.3:::::::*
bestpractical	rt	1.0.4	cpe:2.3:a:bestpractical:rt:1.0.4:::::::*
bestpractical	rt	1.0.5	cpe:2.3:a:bestpractical:rt:1.0.5:::::::*
bestpractical	rt	1.0.6	cpe:2.3:a:bestpractical:rt:1.0.6:::::::*
bestpractical	rt	1.0.7	cpe:2.3:a:bestpractical:rt:1.0.7:::::::*
bestpractical	rt	2.0.0	cpe:2.3:a:bestpractical:rt:2.0.0:::::::*
bestpractical	rt	2.0.1	cpe:2.3:a:bestpractical:rt:2.0.1:::::::*
bestpractical	rt	2.0.2	cpe:2.3:a:bestpractical:rt:2.0.2:::::::*
bestpractical	rt	2.0.3	cpe:2.3:a:bestpractical:rt:2.0.3:::::::*
bestpractical	rt	2.0.4	cpe:2.3:a:bestpractical:rt:2.0.4:::::::*
bestpractical	rt	2.0.5	cpe:2.3:a:bestpractical:rt:2.0.5:::::::*
bestpractical	rt	2.0.5.1	cpe:2.3:a:bestpractical:rt:2.0.5.1:::::::*
bestpractical	rt	2.0.5.3	cpe:2.3:a:bestpractical:rt:2.0.5.3:::::::*
bestpractical	rt	2.0.6	cpe:2.3:a:bestpractical:rt:2.0.6:::::::*
bestpractical	rt	2.0.7	cpe:2.3:a:bestpractical:rt:2.0.7:::::::*
bestpractical	rt	2.0.8	cpe:2.3:a:bestpractical:rt:2.0.8:::::::*
bestpractical	rt	2.0.8.2	cpe:2.3:a:bestpractical:rt:2.0.8.2:::::::*
bestpractical	rt	2.0.9	cpe:2.3:a:bestpractical:rt:2.0.9:::::::*
bestpractical	rt	2.0.11	cpe:2.3:a:bestpractical:rt:2.0.11:::::::*
bestpractical	rt	2.0.12	cpe:2.3:a:bestpractical:rt:2.0.12:::::::*
bestpractical	rt	2.0.13	cpe:2.3:a:bestpractical:rt:2.0.13:::::::*
bestpractical	rt	2.0.14	cpe:2.3:a:bestpractical:rt:2.0.14:::::::*
bestpractical	rt	2.0.15	cpe:2.3:a:bestpractical:rt:2.0.15:::::::*
bestpractical	rt	3.0.0	cpe:2.3:a:bestpractical:rt:3.0.0:::::::*
bestpractical	rt	3.0.1	cpe:2.3:a:bestpractical:rt:3.0.1:::::::*
bestpractical	rt	3.0.2	cpe:2.3:a:bestpractical:rt:3.0.2:::::::*
bestpractical	rt	3.0.3	cpe:2.3:a:bestpractical:rt:3.0.3:::::::*
bestpractical	rt	3.0.4	cpe:2.3:a:bestpractical:rt:3.0.4:::::::*
bestpractical	rt	3.0.5	cpe:2.3:a:bestpractical:rt:3.0.5:::::::*
bestpractical	rt	3.0.6	cpe:2.3:a:bestpractical:rt:3.0.6:::::::*
bestpractical	rt	3.0.7	cpe:2.3:a:bestpractical:rt:3.0.7:::::::*
bestpractical	rt	3.0.7.1	cpe:2.3:a:bestpractical:rt:3.0.7.1:::::::*
bestpractical	rt	3.0.8	cpe:2.3:a:bestpractical:rt:3.0.8:::::::*
bestpractical	rt	3.0.9	cpe:2.3:a:bestpractical:rt:3.0.9:::::::*
bestpractical	rt	3.0.10	cpe:2.3:a:bestpractical:rt:3.0.10:::::::*
bestpractical	rt	3.0.10	cpe:2.3:a:bestpractical:rt:3.0.10:pre1::::::
bestpractical	rt	3.0.10	cpe:2.3:a:bestpractical:rt:3.0.10:pre2::::::
bestpractical	rt	3.0.10	cpe:2.3:a:bestpractical:rt:3.0.10:rc1::::::
bestpractical	rt	3.0.11	cpe:2.3:a:bestpractical:rt:3.0.11:::::::*
bestpractical	rt	3.0.11	cpe:2.3:a:bestpractical:rt:3.0.11:rc2::::::
bestpractical	rt	3.0.11	cpe:2.3:a:bestpractical:rt:3.0.11:rc3::::::
bestpractical	rt	3.0.11	cpe:2.3:a:bestpractical:rt:3.0.11:rc4::::::
bestpractical	rt	3.0.12	cpe:2.3:a:bestpractical:rt:3.0.12:::::::*
bestpractical	rt	3.1.2	cpe:2.3:a:bestpractical:rt:3.1.2:::::::*
bestpractical	rt	3.1.3	cpe:2.3:a:bestpractical:rt:3.1.3:::::::*
bestpractical	rt	3.1.4	cpe:2.3:a:bestpractical:rt:3.1.4:::::::*
bestpractical	rt	3.1.5	cpe:2.3:a:bestpractical:rt:3.1.5:::::::*
bestpractical	rt	3.1.6	cpe:2.3:a:bestpractical:rt:3.1.6:::::::*
bestpractical	rt	3.1.7	cpe:2.3:a:bestpractical:rt:3.1.7:::::::*
bestpractical	rt	3.1.8	cpe:2.3:a:bestpractical:rt:3.1.8:::::::*
bestpractical	rt	3.1.10	cpe:2.3:a:bestpractical:rt:3.1.10:::::::*
bestpractical	rt	3.1.11	cpe:2.3:a:bestpractical:rt:3.1.11:::::::*
bestpractical	rt	3.1.12	cpe:2.3:a:bestpractical:rt:3.1.12:::::::*
bestpractical	rt	3.1.13	cpe:2.3:a:bestpractical:rt:3.1.13:::::::*
bestpractical	rt	3.1.14	cpe:2.3:a:bestpractical:rt:3.1.14:::::::*
bestpractical	rt	3.1.15	cpe:2.3:a:bestpractical:rt:3.1.15:::::::*
bestpractical	rt	3.1.16	cpe:2.3:a:bestpractical:rt:3.1.16:::::::*
bestpractical	rt	3.1.17	cpe:2.3:a:bestpractical:rt:3.1.17:::::::*
bestpractical	rt	3.2.0	cpe:2.3:a:bestpractical:rt:3.2.0:::::::*
bestpractical	rt	3.2.0	cpe:2.3:a:bestpractical:rt:3.2.0:rc1::::::
bestpractical	rt	3.2.0	cpe:2.3:a:bestpractical:rt:3.2.0:rc2::::::
bestpractical	rt	3.2.0	cpe:2.3:a:bestpractical:rt:3.2.0:rc3::::::
bestpractical	rt	3.2.0	cpe:2.3:a:bestpractical:rt:3.2.0:rc4::::::
bestpractical	rt	3.2.1	cpe:2.3:a:bestpractical:rt:3.2.1:::::::*
bestpractical	rt	3.2.1	cpe:2.3:a:bestpractical:rt:3.2.1:rc1::::::
bestpractical	rt	3.2.1	cpe:2.3:a:bestpractical:rt:3.2.1:rc2::::::
bestpractical	rt	3.2.1	cpe:2.3:a:bestpractical:rt:3.2.1:rc3::::::
bestpractical	rt	3.2.1	cpe:2.3:a:bestpractical:rt:3.2.1:rc4::::::
bestpractical	rt	3.2.2	cpe:2.3:a:bestpractical:rt:3.2.2:::::::*
bestpractical	rt	3.2.2	cpe:2.3:a:bestpractical:rt:3.2.2:rc1::::::
bestpractical	rt	3.2.3	cpe:2.3:a:bestpractical:rt:3.2.3:::::::*
bestpractical	rt	3.2.3	cpe:2.3:a:bestpractical:rt:3.2.3:rc1::::::
bestpractical	rt	3.2.3	cpe:2.3:a:bestpractical:rt:3.2.3:rc2::::::
bestpractical	rt	3.4.0	cpe:2.3:a:bestpractical:rt:3.4.0:::::::*
bestpractical	rt	3.4.0	cpe:2.3:a:bestpractical:rt:3.4.0:rc1::::::
bestpractical	rt	3.4.0	cpe:2.3:a:bestpractical:rt:3.4.0:rc2::::::

References for CVE-2011-2085

URL	Tags
http://lists.bestpractical.com/pipermail/rt-announce/2012-May/000202.html	Patch
http://lists.bestpractical.com/pipermail/rt-announce/2012-May/000203.html	Patch
http://lists.bestpractical.com/pipermail/rt-announce/2012-May/000204.html	Vendor Advisory
http://secunia.com/advisories/49259
http://www.securityfocus.com/bid/53660
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E

URL

CVE-2011-2085

Exploit prediction scoring system (EPSS) score for CVE-2011-2085

Common vulnerability scoring system (CVSS) metrics for CVE-2011-2085

Weakness enumeration for CVE-2011-2085

OS Trackers for CVE-2011-2085

Affected software / configurations for CVE-2011-2085

References for CVE-2011-2085