CVE-2025-2545

Deprecated 3DES cryptographic algorithm used by Request Tracker in emails encrypted with S/MIME

Description

Vulnerability in Best Practical Solutions, LLC's Request Tracker prior to v5.0.8, where the Triple DES (3DES) cryptographic algorithm is used to protect emails sent with S/MIME encryption. Triple DES is considered obsolete and insecure due to its susceptibility to birthday attacks, which could compromise the confidentiality of encrypted messages.

Remediation

Solution:

The vulnerability has been fixed by the Best Practical Solutions, LLC team in version 5.0.8.

References

Link	Tags
https://www.incibe.es/en/incibe-cert/notices/aviso/cryptographic-algorithm-not-recommended-request-tracker-best-practical
https://docs.bestpractical.com/release-notes/rt/4.4.8
https://docs.bestpractical.com/release-notes/rt/5.0.8

Frequently Asked Questions

What is the severity of CVE-2025-2545?: CVE-2025-2545 has been scored as a low severity vulnerability.
How to fix CVE-2025-2545?: To fix CVE-2025-2545: The vulnerability has been fixed by the Best Practical Solutions, LLC team in version 5.0.8.
Is CVE-2025-2545 being actively exploited in the wild?: As for now, there are no information to confirm that CVE-2025-2545 is being actively exploited. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2025-2545?: CVE-2025-2545 affects Best Practical Solutions Request Tracker.

This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.

Description

Remediation

Category

CWE-327 – Use of a Broken or Risky Cryptographic Algorithm

References

Frequently Asked Questions