MidnightBSD

Advisories for blackberry

CVE-2002-0793 MEDIUM

Hard link and possibly symbolic link following vulnerabilities in QNX RTOS 4.25 (aka QNX4) allow local users to overwrite arbitrary files via (1) the -f argument to the monitor utility, (2) the -d argument to dumper, (3) the -c argument to crttrap, or (4) using the Watcom sample utility.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N 1.8 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-59,

Products Affected

Vendor Product Version
blackberry qnx_neutrino_real-time_operating_system 4.25
CVE-2011-0291 HIGH

The BlackBerry PlayBook service on the Research In Motion (RIM) BlackBerry PlayBook tablet with software before 1.0.8.6067 allows local users to gain privileges via a crafted configuration file in a backup archive.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-200,

Products Affected

Vendor Product Version
blackberry blackberry_tablet_os 1.0.8.4985
CVE-2012-5828 MEDIUM

BlackBerry PlayBook before 2.1 has an Information Disclosure Vulnerability via a Web browser component error

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N 2.8 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
blackberry playbook_firmware *
CVE-2013-2687 HIGH

Stack-based buffer overflow in the bpe_decompress function in (1) BlackBerry QNX Neutrino RTOS through 6.5.0 SP1 and (2) QNX Momentics Tool Suite through 6.5.0 SP1 in the QNX Software Development Platform allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted packets to TCP port 4868.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
blackberry qnx_momentics_tool_suite *
blackberry qnx_neutrino_rtos 6.4.1
blackberry qnx_momentics_tool_suite 4.6
blackberry qnx_neutrino_rtos 6.5.0
blackberry qnx_neutrino_rtos *
blackberry qnx_momentics_tool_suite 4.5
blackberry qnx_momentics_tool_suite 6.5.0
blackberry qnx_software_development_platform -
blackberry qnx_momentics_tool_suite 4.7
CVE-2013-2688 MEDIUM

Buffer overflow in phrelay in BlackBerry QNX Neutrino RTOS through 6.5.0 SP1 in the QNX Software Development Platform allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted packets to TCP port 4868 that leverage improper handling of the /dev/photon device file.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
blackberry qnx_neutrino_rtos 6.4.1
blackberry qnx_neutrino_rtos 6.5.0
blackberry qnx_neutrino_rtos *
blackberry qnx_software_development_platform -
CVE-2013-3692 MEDIUM

BlackBerry 10 OS before 10.0.10.648 on BlackBerry Z10 smartphones uses weak permissions for a BlackBerry Protect object, which allows physically proximate attackers to bypass intended access restrictions by leveraging a user's BlackBerry Protect password-reset request and a user's installation of a crafted application.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-264,

Products Affected

Vendor Product Version
blackberry blackberry_os *
blackberry blackberry_os 10.0.10
blackberry blackberry_os 10.0
blackberry blackberry_os 10.0.10.85
blackberry z10 -
CVE-2013-3693 HIGH

The BlackBerry Universal Device Service in BlackBerry Enterprise Service (BES) 10.0 through 10.1.2 does not properly restrict access to the JBoss Remote Method Invocation (RMI) interface, which allows remote attackers to upload and execute arbitrary packages via a request to port 1098.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-264,

Products Affected

Vendor Product Version
blackberry blackberry_enterprise_service 10.1.0
blackberry blackberry_enterprise_service 10.1.2
blackberry blackberry_enterprise_service 10.0
CVE-2013-3694 MEDIUM

BlackBerry Link before 1.2.1.31 on Windows and before 1.1.1 build 39 on Mac OS X does not require authentication for remote file-access folders, which allows remote attackers to read or create arbitrary files via IPv6 WebDAV requests, as demonstrated by a CSRF attack involving DNS rebinding.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-352,

Products Affected

Vendor Product Version
blackberry blackberry_link 1.2.0.12
blackberry blackberry_link 1.0.1.12
blackberry blackberry_link 1.1.1.41
blackberry blackberry_link *
blackberry blackberry_link 1.1.1.26
CVE-2013-6798 MEDIUM

BlackBerry Link before 1.2.1.31 on Windows and before 1.1.1 build 39 on Mac OS X does not properly determine the user account for execution of Peer Manager in certain situations involving successive logins with different accounts, which allows context-dependent attackers to bypass intended restrictions on remote file-access folders via IPv6 WebDAV requests, a different vulnerability than CVE-2013-3694.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-264,

Products Affected

Vendor Product Version
blackberry blackberry_link 1.2.0.12
blackberry blackberry_link 1.0.1.12
blackberry blackberry_link 1.1.1.41
blackberry blackberry_link *
blackberry blackberry_link 1.1.1.26
CVE-2014-1467 MEDIUM

BlackBerry Enterprise Service 10 before 10.2.1, Universal Device Service 6, Enterprise Server Express for Domino through 5.0.4, Enterprise Server Express for Exchange through 5.0.4, Enterprise Server for Domino through 5.0.4 MR6, Enterprise Server for Exchange through 5.0.4 MR6, and Enterprise Server for GroupWise through 5.0.4 MR6 log cleartext credentials during exception handling, which might allow context-dependent attackers to obtain sensitive information by reading a log file.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-255,

Products Affected

Vendor Product Version
blackberry enterprise_server *
blackberry blackberry_enterprise_service 10.2.0
blackberry blackberry_enterprise_service 10.1.0
blackberry blackberry_universal_device_service 6.0
blackberry blackberry_enterprise_service 10.1.2
blackberry enterprise_server_express *
blackberry blackberry_enterprise_service 10.0
CVE-2014-1469 MEDIUM

BlackBerry Enterprise Server 5.x before 5.0.4 MR7 and Enterprise Service 10.x before 10.2.2 log cleartext credentials during exception handling, which allows local users to obtain sensitive information by reading the exception log file.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-310,

Products Affected

Vendor Product Version
blackberry enterprise_server *
blackberry blackberry_enterprise_service 10.2.0
blackberry blackberry_enterprise_service 10.1.0
blackberry blackberry_enterprise_service 10.1.2
blackberry blackberry_enterprise_service 10.2.1
blackberry blackberry_enterprise_service 10.0
blackberry enterprise_server_express 5.0.4
CVE-2014-2388 MEDIUM

The Storage and Access service in BlackBerry OS 10.x before 10.2.1.1925 on Q5, Q10, Z10, and Z30 devices does not enforce the password requirement for SMB filesystem access, which allows context-dependent attackers to read arbitrary files via (1) a session over a Wi-Fi network or (2) a session over a USB connection in Development Mode.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-264,

Products Affected

Vendor Product Version
blackberry blackberry_os *
blackberry z10 -
blackberry z30 -
blackberry q10 -
blackberry q5 -
CVE-2014-2389 HIGH

Stack-based buffer overflow in a certain decryption function in qconnDoor on BlackBerry Z10 devices with software 10.1.0.2312, when developer-mode has been previously enabled, allows remote attackers to execute arbitrary code via a crafted packet in a TCP session on a wireless network.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
blackberry blackberry_os 10.1.0.2312
blackberry blackberry_z10 -
CVE-2014-2533 HIGH

/sbin/ifwatchd in BlackBerry QNX Neutrino RTOS 6.4.x and 6.5.x allows local users to gain privileges by providing an arbitrary program name as a command-line argument.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-264,

Products Affected

Vendor Product Version
blackberry qnx_neutrino_rtos 6.4.1
blackberry qnx_neutrino_rtos 6.5.0
CVE-2014-2534 MEDIUM

/sbin/pppoectl in BlackBerry QNX Neutrino RTOS 6.4.x and 6.5.x allows local users to obtain sensitive information by reading "bad parameter" lines in error messages, as demonstrated by reading the root password hash in /etc/shadow.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-264,

Products Affected

Vendor Product Version
blackberry qnx_neutrino_rtos 6.4.1
blackberry qnx_neutrino_rtos 6.5.0
CVE-2014-6611 MEDIUM

The BlackBerry World app before 5.0.0.262 on BlackBerry 10 OS 10.2.0, before 5.0.0.263 on BlackBerry 10 OS 10.2.1, and before 5.1.0.53 on BlackBerry 10 OS 10.3.0 does not properly validate download/update requests, which allows user-assisted man-in-the-middle attackers to spoof servers and trigger the download of a crafted app by modifying the client-server data stream.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
blackberry blackberry_world *
blackberry blackberry_os 10.3.0
blackberry blackberry_os 10.2.1
blackberry blackberry_os 10.2.0
CVE-2015-4111 MEDIUM

mc_demux_mp4_ds.ax in an unspecified third-party codec demux in BlackBerry Link before 1.2.3.53 with installer before 1.1.0.22 allows remote attackers to execute arbitrary code via a crafted MP4 file.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
blackberry blackberry_link *
CVE-2015-4112 MEDIUM

The Management Console in BlackBerry Enterprise Server (BES) 12 before 12.2 does not properly restrict use of FRAME elements, which makes it easier for remote attackers to conduct clickjacking attacks via a crafted web site, related to a "cross frame scripting" issue.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-254,

Products Affected

Vendor Product Version
blackberry enterprise_server 12.0
blackberry enterprise_server 12.1
CVE-2016-1914 MEDIUM

Multiple SQL injection vulnerabilities in the com.rim.mdm.ui.server.ImageServlet servlet in BlackBerry Enterprise Server 12 (BES12) Self-Service before 12.4 allow remote attackers to execute arbitrary SQL commands via the imageName parameter to (1) mydevice/client/image, (2) admin/client/image, (3) myapps/client/image, (4) ssam/client/image, or (5) all/client/image.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-89,

Products Affected

Vendor Product Version
blackberry blackberry_enterprise_service *
CVE-2016-1915 MEDIUM

Multiple cross-site scripting (XSS) vulnerabilities in BlackBerry Enterprise Server 12 (BES12) Self-Service before 12.4 allow remote attackers to inject arbitrary web script or HTML via the locale parameter to (1) mydevice/index.jsp or (2) mydevice/loggedOut.jsp.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
blackberry blackberry_enterprise_service *
CVE-2016-1916 LOW

Cross-site scripting (XSS) vulnerability in the Management Console in BlackBerry Enterprise Server (BES) 12 before 12.4.1 allows remote authenticated users to inject arbitrary web script or HTML by leveraging basic administrative access to create a crafted policy, leading to improper rendering on a certain Export IT screen.

CVSS 2.0

Severity: LOW

Problem Type: CWE-79,

Products Affected

Vendor Product Version
blackberry enterprise_server *
CVE-2016-1917 MEDIUM

Cross-site scripting (XSS) vulnerability in the Management Console in BlackBerry Enterprise Server (BES) 12 before 12.4.1 allows remote attackers to inject arbitrary web script or HTML via a crafted URL, a different vulnerability than CVE-2016-1918.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
blackberry enterprise_server *
CVE-2016-1918 MEDIUM

Cross-site scripting (XSS) vulnerability in the Management Console in BlackBerry Enterprise Server (BES) 12 before 12.4.1 allows remote attackers to inject arbitrary web script or HTML via a crafted URL, a different vulnerability than CVE-2016-1917.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
blackberry enterprise_server *
CVE-2016-3126 MEDIUM

Cross-site scripting (XSS) vulnerability in the Management Console in BlackBerry Enterprise Server (BES) 12 before 12.4.1 allows remote attackers to inject arbitrary web script or HTML via a crafted URL.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
blackberry enterprise_server *
CVE-2016-3127 MEDIUM

An information disclosure vulnerability in the logging implementation of BlackBerry Good Control Server versions earlier than 2.3.53.62 allows remote attackers to gain and use logged encryption keys to access certain resources within a customer's Good deployment by gaining access to certain diagnostic log files through either a valid logon or an unrelated compromise of the server.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
blackberry good_control_server *
CVE-2016-3128 MEDIUM

A spoofing vulnerability in the Core of BlackBerry Enterprise Server (BES) 12 through 12.5.2 allows remote attackers to enroll an illegitimate device to the BES, gain access to device parameters for the BES, or send false information to the BES by gaining access to specific information about a device that was legitimately enrolled on the BES.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-254,

Products Affected

Vendor Product Version
blackberry enterprise_service 12.5.0a
blackberry enterprise_service 12.0.1
blackberry enterprise_service 12.2.0
blackberry enterprise_service 12.2.1
blackberry enterprise_service 12.4.0
blackberry enterprise_service 12.4.1
blackberry enterprise_service 12.0.0
blackberry enterprise_service 12.1.0
blackberry enterprise_service 12.5.1
blackberry enterprise_service 12.3.0
blackberry enterprise_service 12.5.2
blackberry enterprise_service 12.3.1
CVE-2016-3129 HIGH

A remote shell execution vulnerability in the BlackBerry Good Enterprise Mobility Server (GEMS) implementation of the Apache Karaf command shell in GEMS versions 2.1.5.3 to 2.2.22.25 allows remote attackers to obtain local administrator rights on the GEMS server via commands executed on the Karaf command shell.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
blackberry good_enterprise_mobility_server *
CVE-2016-3130 MEDIUM

An information disclosure vulnerability in the Core and Management Console in BlackBerry Enterprise Server (BES) 12 through 12.5.2 allows remote attackers to obtain local or domain credentials of an administrator or user account by sniffing traffic between the two elements during a login attempt.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,CWE-255,

Products Affected

Vendor Product Version
blackberry enterprise_service 12.5.0a
blackberry enterprise_service 12.0.1
blackberry enterprise_service 12.2.0
blackberry enterprise_service 12.2.1
blackberry enterprise_service 12.4.0
blackberry enterprise_service 12.4.1
blackberry enterprise_service 12.0.0
blackberry enterprise_service 12.1.0
blackberry enterprise_service 12.5.1
blackberry enterprise_service 12.3.0
blackberry enterprise_service 12.5.2
blackberry enterprise_service 12.3.1
CVE-2017-17442 MEDIUM

In BlackBerry UEM Management Console version 12.7.1 and earlier, a reflected cross-site scripting vulnerability that could allow an attacker to execute script commands in the context of the affected UEM Management Console account by crafting a malicious link and then persuading a user with legitimate access to the Management Console to click on the malicious link.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
blackberry unified_endpoint_manager *
CVE-2017-3890 MEDIUM

A reflected cross-site scripting vulnerability in the BlackBerry WatchDox Server components Appliance-X, version 1.8.1 and earlier, and vAPP, versions 4.6.0 to 5.4.1, allows remote attackers to execute script commands in the context of the affected browser by persuading a user to click an attacker-supplied malicious link.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.1 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N 2.8 2.7

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
blackberry appliance-x *
blackberry workspaces_vapp 5.4.1
blackberry workspaces_vapp 4.6.0
CVE-2017-3891 MEDIUM

In BlackBerry QNX Software Development Platform (SDP) 6.6.0, an elevation of privilege vulnerability in the default configuration of the QNX SDP with QNet enabled on networks comprising two or more QNet nodes could allow an attacker to access local and remote files or take ownership of files on other QNX nodes regardless of permissions by executing commands targeting arbitrary nodes from a secondary QNX 6.6.0 QNet node.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-923,CWE-863,

Products Affected

Vendor Product Version
blackberry qnx_software_development_platform 6.6.0
CVE-2017-3892 MEDIUM

In BlackBerry QNX Software Development Platform (SDP) 6.6.0, an information disclosure vulnerability in the default configuration of the QNX SDP could allow an attacker to gain information relating to memory layout that could be used in a blended attack by executing commands targeting procfs resources.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,CWE-200,

Products Affected

Vendor Product Version
blackberry qnx_software_development_platform 6.6.0
CVE-2017-3893 MEDIUM

In BlackBerry QNX Software Development Platform (SDP) 6.6.0, the default configuration of the QNX SDP system did not in all circumstances prevent attackers from modifying the GOT or PLT tables with buffer overflow attacks.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-693,CWE-119,

Products Affected

Vendor Product Version
blackberry qnx_software_development_platform 6.6.0
CVE-2017-3894 MEDIUM

A stored cross site scripting vulnerability in the Management Console of BlackBerry Unified Endpoint Manager version 12.6.1 and earlier, and all versions of BES12, allows attackers to execute actions in the context of a Management Console administrator by uploading a malicious script and then persuading a target administrator to view the specific location of the malicious script within the Management Console.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
blackberry enterprise_service 12.1.1
blackberry unified_endpoint_manager *
blackberry enterprise_service 12.0.1
blackberry enterprise_service 12.2.0
blackberry enterprise_service 12.2.1
blackberry enterprise_service 12.4.0
blackberry enterprise_service 12.4.1
blackberry enterprise_service 12.0
blackberry enterprise_service 12.1
blackberry enterprise_service 12.5.0
blackberry enterprise_service 12.1.0
blackberry enterprise_service 12.5.1
blackberry enterprise_service 12.3.0
blackberry enterprise_service 12.5.2
blackberry enterprise_service 12.3.1
CVE-2017-9367 MEDIUM

A directory traversal vulnerability in the BlackBerry Workspaces Server could potentially allow an attacker to execute or upload arbitrary files, or reveal the content of arbitrary files anywhere on the web server by crafting a URL with a manipulated POST request.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-22,

Products Affected

Vendor Product Version
blackberry workspaces_vapp 5.6.2
blackberry workspaces_vapp 5.6.3
blackberry workspaces_vapp 5.5.6
blackberry workspaces_vapp 5.5.8
blackberry workspaces_vapp 5.5.0
blackberry workspaces_appliance-x *
blackberry workspaces_vapp 5.5.1
blackberry workspaces_vapp 5.6.1
blackberry workspaces_vapp 5.5.9
blackberry workspaces_vapp 5.6.0
blackberry workspaces_vapp 5.5.5
blackberry workspaces_vapp 5.5.4
blackberry workspaces_vapp 5.5.7
blackberry workspaces_vapp 5.6.4
blackberry workspaces_vapp 5.6.5
blackberry workspaces_vapp 5.5.3
blackberry workspaces_vapp 5.5.2
blackberry workspaces_vapp 5.6.6
CVE-2017-9368 MEDIUM

An information disclosure vulnerability in the BlackBerry Workspaces Server could result in an attacker gaining access to source code for server-side applications by crafting a request for specific files.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
blackberry workspaces_vapp 5.6.2
blackberry workspaces_vapp 5.6.3
blackberry workspaces_vapp 5.5.6
blackberry workspaces_vapp 5.5.8
blackberry workspaces_vapp 5.5.0
blackberry workspaces_appliance-x *
blackberry workspaces_vapp 5.5.1
blackberry workspaces_vapp 5.6.1
blackberry workspaces_vapp 5.5.9
blackberry workspaces_vapp 5.6.0
blackberry workspaces_vapp 5.5.5
blackberry workspaces_vapp 5.5.4
blackberry workspaces_vapp 5.5.7
blackberry workspaces_vapp 5.6.4
blackberry workspaces_vapp 5.6.5
blackberry workspaces_vapp 5.5.3
blackberry workspaces_vapp 5.5.2
blackberry workspaces_vapp 5.6.6
CVE-2017-9369 MEDIUM

In BlackBerry QNX Software Development Platform (SDP) 6.6.0 and 6.5.0 SP1 and earlier, an information disclosure vulnerability in the default configuration of the QNX SDP could allow an attacker to gain information relating to memory layout of higher privileged processes by manipulating environment variables that influence the loader.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,CWE-200,

Products Affected

Vendor Product Version
blackberry qnx_software_development_platform 6.6.0
blackberry qnx_software_development_platform 6.5.0
CVE-2017-9370 MEDIUM

An information disclosure / elevation of privilege vulnerability in the BlackBerry Workspaces Server could potentially allow an attacker who has legitimate access to BlackBerry Workspaces to gain access to another user's workspace by making multiple login requests to the server.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-287,

Products Affected

Vendor Product Version
blackberry workspaces -
CVE-2017-9371 MEDIUM

In BlackBerry QNX Software Development Platform (SDP) 6.6.0 and 6.5.0 SP1 and earlier, a loss of integrity vulnerability in the default configuration of the QNX SDP could allow an attacker being able to reduce the entropy of the PRNG, making other blended attacks more practical by gaining control over environmental factors that influence seed generation.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-332,CWE-332,

Products Affected

Vendor Product Version
blackberry qnx_software_development_platform 6.6.0
blackberry qnx_software_development_platform 6.5.0
CVE-2018-8888 LOW

A stored cross-site scripting (XSS) vulnerability in the Management Console of BlackBerry UEM versions earlier than 12.10.0 could allow an attacker to store script commands that could later be executed in the context of another Management Console administrator.

CVSS 2.0

Severity: LOW

Problem Type: CWE-79,

Products Affected

Vendor Product Version
blackberry unified_endpoint_manager *
CVE-2018-8889 MEDIUM

A directory traversal vulnerability in the Connect Service of the BlackBerry Enterprise Mobility Server (BEMS) 2.8.17.29 and earlier could allow an attacker to retrieve arbitrary files in the context of a BEMS administrator account.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-22,

Products Affected

Vendor Product Version
blackberry enterprise_mobility_server *
CVE-2018-8890 MEDIUM

An information disclosure vulnerability in the Management Console of BlackBerry UEM 12.8.0 and 12.8.1 could allow an attacker to take over a UEM user's session and perform administrative actions in the context of the user.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
blackberry unified_endpoint_manager 12.8.0
blackberry unified_endpoint_manager 12.8.1
CVE-2018-8891 LOW

Multiple stored cross-site scripting (XSS) vulnerabilities in the Management Console of BlackBerry UEM versions earlier than 12.9.1 could allow an attacker to store script commands that could later be executed in the context of another Management Console administrator.

CVSS 2.0

Severity: LOW

Problem Type: CWE-79,

Products Affected

Vendor Product Version
blackberry unified_endpoint_manager *
CVE-2018-8892 MEDIUM

A cross-site request forgery (CSRF) vulnerability in the Management Console of BlackBerry UEM versions earlier than 12.9.1 could allow an attacker to make modifications to the UEM settings in the context of a Management Console administrator.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-352,

Products Affected

Vendor Product Version
blackberry unified_endpoint_manager *
CVE-2019-8997 MEDIUM

An XML External Entity Injection (XXE) vulnerability in the Management System (console) of BlackBerry AtHoc versions earlier than 7.6 HF-567 could allow an attacker to potentially read arbitrary local files from the application server or make requests on the network by entering maliciously crafted XML in an existing field.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-611,

Products Affected

Vendor Product Version
blackberry athoc *
CVE-2019-8998 MEDIUM

An information disclosure vulnerability leading to a potential local escalation of privilege in the procfs service (the /proc filesystem) of BlackBerry QNX Software Development Platform version(s) 6.5.0 SP1 and earlier could allow an attacker to potentially gain unauthorized access to a chosen process address space.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-413,NVD-CWE-noinfo,

Products Affected

Vendor Product Version
blackberry qnx_software_development_platform *
CVE-2019-8999 MEDIUM

An XML External Entity vulnerability in the UEM Core of BlackBerry UEM version(s) earlier than 12.10.1a could allow an attacker to potentially gain read access to files on any system reachable by the UEM service account.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-611,

Products Affected

Vendor Product Version
blackberry unified_endpoint_management *
CVE-2020-11652 MEDIUM

An issue was discovered in SaltStack Salt before 2019.2.4 and 3000 before 3000.2. The salt-master process ClearFuncs class allows access to some methods that improperly sanitize paths. These methods allow arbitrary directory access to authenticated users.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 2.8 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-22,CWE-22,

Products Affected

Vendor Product Version
debian debian_linux 10.0
saltstack salt *
canonical ubuntu_linux 16.04
vmware application_remote_collector 7.5.0
opensuse leap 15.1
debian debian_linux 8.0
debian debian_linux 9.0
canonical ubuntu_linux 18.04
vmware application_remote_collector 8.0.0
blackberry workspaces_server *
blackberry workspaces_server 9.1.0
CVE-2020-1938 HIGH

When using the Apache JServ Protocol (AJP), care must be taken when trusting incoming connections to Apache Tomcat. Tomcat treats AJP connections as having higher trust than, for example, a similar HTTP connection. If such connections are available to an attacker, they can be exploited in ways that may be surprising. In Apache Tomcat 9.0.0.M1 to 9.0.0.30, 8.5.0 to 8.5.50 and 7.0.0 to 7.0.99, Tomcat shipped with an AJP Connector enabled by default that listened on all configured IP addresses. It was expected (and recommended in the security guide) that this Connector would be disabled if not required. This vulnerability report identified a mechanism that allowed: - returning arbitrary files from anywhere in the web application - processing any file in the web application as a JSP Further, if the web application allowed file upload and stored those files within the web application (or the attacker was able to control the content of the web application by some other means) then this, along with the ability to process a file as a JSP, made remote code execution possible. It is important to note that mitigation is only required if an AJP port is accessible to untrusted users. Users wishing to take a defence-in-depth approach and block the vector that permits returning arbitrary files and execution as JSP may upgrade to Apache Tomcat 9.0.31, 8.5.51 or 7.0.100 or later. A number of changes were made to the default AJP Connector configuration in 9.0.31 to harden the default configuration. It is likely that users upgrading to 9.0.31, 8.5.51 or 7.0.100 or later will need to make small changes to their configurations.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
oracle agile_plm 9.3.6
netapp oncommand_system_manager *
oracle workload_manager 12.2.0.1
blackberry workspaces_server 7.1.2
opensuse leap 15.1
oracle workload_manager 19c
oracle workload_manager 18c
oracle siebel_ui_framework *
oracle agile_engineering_data_management 6.2.1.0
oracle communications_element_manager 8.2.1
debian debian_linux 10.0
oracle instantis_enterprisetrack *
blackberry workspaces_server 9.0
oracle hospitality_guest_access 4.2.0
oracle agile_plm 9.3.5
oracle health_sciences_empirica_signal 7.3.3
fedoraproject fedora 31
oracle transportation_management 6.3.7
blackberry good_control *
fedoraproject fedora 32
oracle communications_element_manager 8.2.0
fedoraproject fedora 30
debian debian_linux 9.0
apache geode 1.12.0
netapp data_availability_services -
oracle mysql_enterprise_monitor *
apache tomcat *
oracle health_sciences_empirica_inspections 1.0.1.2
blackberry workspaces_server 7.0.1
oracle communications_instant_messaging_server 10.0.1.4.0
debian debian_linux 8.0
blackberry workspaces_server 8.1.0
oracle communications_element_manager 8.1.1
oracle hospitality_guest_access 4.2.1
oracle agile_plm 9.3.3
CVE-2020-6932 HIGH

An information disclosure and remote code execution vulnerability in the slinger web server of the BlackBerry QNX Software Development Platform versions 6.4.0 to 6.6.0 could allow an attacker to potentially read arbitrary files and run arbitrary executables in the context of the web server.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-150,NVD-CWE-noinfo,

Products Affected

Vendor Product Version
blackberry qnx_software_development_platform *
CVE-2020-6933 LOW

An improper input validation vulnerability in the UEM Core of BlackBerry UEM version(s) 12.13.0, 12.12.1a QF2 (and earlier), and 12.11.1 QF3 (and earlier) could allow an attacker to potentially cause a Denial of Service (DoS) of the UEM Core service.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 1.8 3.6

CVSS 2.0

Severity: LOW

Problem Type: CWE-20,

Products Affected

Vendor Product Version
blackberry unified_endpoint_manager 12.12.1a
blackberry unified_endpoint_manager *
blackberry unified_endpoint_manager 12.13.0
blackberry unified_endpoint_manager 12.11.1
CVE-2021-22152 LOW

A Denial of Service due to Improper Input Validation vulnerability in the Management Console component of BlackBerry UEM version(s) 12.13.1 QF2 and earlier and 12.12.1a QF6 and earlier could allow an attacker to potentially to prevent any new user connections.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 1.8 3.6

CVSS 2.0

Severity: LOW

Problem Type: CWE-20,

Products Affected

Vendor Product Version
blackberry unified_endpoint_management 12.12.1a
blackberry unified_endpoint_management 12.13.0
blackberry unified_endpoint_management *
blackberry unified_endpoint_management 12.13.1
CVE-2021-22153 MEDIUM

A Remote Code Execution vulnerability in the Management Console component of BlackBerry UEM version(s) 12.13.1 QF2 and earlier and 12.12.1a QF6 and earlier could allow an attacker to potentially cause the spreadsheet application to run commands on the victim’s local machine with the authority of the user.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.3 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H 1.3 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-1236,

Products Affected

Vendor Product Version
blackberry unified_endpoint_management 12.12.1a
blackberry unified_endpoint_management 12.13.0
blackberry unified_endpoint_management *
blackberry unified_endpoint_management 12.13.1
CVE-2021-22154 MEDIUM

An Information Disclosure vulnerability in the Management Console component of BlackBerry UEM version(s) 12.13.1 QF2 and earlier and 12.12.1a QF6 and earlier could allow an attacker to potentially gain access to a victim's web history.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 3.9 1.4

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
blackberry unified_endpoint_management 12.12.1a
blackberry unified_endpoint_management 12.13.0
blackberry unified_endpoint_management *
blackberry unified_endpoint_management 12.13.1
CVE-2021-22155 MEDIUM

An Authentication Bypass vulnerability in the SAML Authentication component of BlackBerry Workspaces Server (deployed with Appliance-X) version(s) 10.1, 9.1 and earlier could allow an attacker to potentially gain access to the application in the context of the targeted user’s account.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-287,

Products Affected

Vendor Product Version
blackberry workspaces_server *
blackberry workspaces_server 10.1
CVE-2021-22156 MEDIUM

An integer overflow vulnerability in the calloc() function of the C runtime library of affected versions of BlackBerry® QNX Software Development Platform (SDP) version(s) 6.5.0SP1 and earlier, QNX OS for Medical 1.1 and earlier, and QNX OS for Safety 1.0.1 and earlier that could allow an attacker to potentially perform a denial of service or execute arbitrary code.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-190,CWE-190,

Products Affected

Vendor Product Version
blackberry qnx_software_development_platform *
blackberry qnx_os_for_safety *
blackberry qnx_os_for_medical *
blackberry qnx_software_development_platform 6.5.0
CVE-2021-32021 HIGH

A denial of service vulnerability in the message broker of BlackBerry Protect for Windows version(s) versions 1574 and earlier could allow an attacker to potentially execute code in the context of a BlackBerry Cylance service that has admin rights on the system.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
blackberry protect *
CVE-2021-32022 LOW

A low privileged delete vulnerability using CEF RPC server of BlackBerry Protect for Windows version(s) versions 1574 and earlier could allow an attacker to potentially execute code in the context of a BlackBerry Cylance service that has admin rights on the system and gaining the ability to delete data from the local system.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N 1.8 3.6

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
blackberry protect *
CVE-2021-32023 HIGH

An elevation of privilege vulnerability in the message broker of BlackBerry Protect for Windows version(s) versions 1574 and earlier could allow an attacker to potentially execute code in the context of a BlackBerry Cylance service that has admin rights on the system.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
blackberry protect *
CVE-2021-32024 HIGH

A remote code execution vulnerability in the BMP image codec of BlackBerry QNX SDP version(s) 6.4 to 7.1 could allow an attacker to potentially execute code in the context of the affected process.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-1287,NVD-CWE-noinfo,

Products Affected

Vendor Product Version
blackberry qnx_software_development_platform *
CVE-2021-32025 HIGH

An elevation of privilege vulnerability in the QNX Neutrino Kernel of affected versions of QNX Software Development Platform version(s) 6.4.0 to 7.0, QNX Momentics all 6.3.x versions, QNX OS for Safety versions 1.0.0 to 1.0.2, QNX OS for Safety versions 2.0.0 to 2.0.1, QNX for Medical versions 1.0.0 to 1.1.1, and QNX OS for Medical version 2.0.0 could allow an attacker to potentially access data, modify behavior, or permanently crash the system.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-368,NVD-CWE-noinfo,

Products Affected

Vendor Product Version
blackberry qnx_momentics 6.3.2
blackberry qnx_software_development_platform *
blackberry qnx_momentics 6.3.0
blackberry qnx_os_for_safety *
blackberry qnx_os_for_medical 2.0.0
blackberry qnx_os_for_medical *
CVE-2023-21520

A PII Enumeration via Credential Recovery in the Self Service (Credential Recovery) of BlackBerry AtHoc version 7.15 could allow an attacker to potentially associate a list of contact details with an AtHoc IWS organization.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 3.9 1.4

Products Affected

Vendor Product Version
blackberry athoc 7.15
CVE-2023-21521

An SQL Injection vulnerability in the Management Console  (Operator Audit Trail) of BlackBerry AtHoc version 7.15 could allow an attacker to potentially read sensitive data from the database, modify database data (Insert/Update/Delete), execute administration operations on the database, recover the content of a given file present on the DBMS file system and in some cases issue commands to the operating system.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.2 HIGH CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H 1.2 5.9

Products Affected

Vendor Product Version
blackberry athoc 7.15
CVE-2023-21522

A Reflected Cross-site Scripting (XSS) vulnerability in the Management Console (Reports) of BlackBerry AtHoc version 7.15 could allow an attacker to potentially control a script that is executed in the victim's browser then they can execute script commands in the context of the affected user account. 

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.1 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N 2.8 2.7

Products Affected

Vendor Product Version
blackberry athoc 7.15
CVE-2023-21523

A Stored Cross-site Scripting (XSS) vulnerability in the Management Console (User Management and Alerts) of BlackBerry AtHoc version 7.15 could allow an attacker to execute script commands in the context of the affected user account.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.4 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N 2.3 2.7

Products Affected

Vendor Product Version
blackberry athoc 7.15
CVE-2023-32701

Improper Input Validation in the Networking Stack of QNX SDP version(s) 6.6, 7.0, and 7.1 could allow an attacker to potentially cause Information Disclosure or a Denial-of-Service condition.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
secure@blackberry.com 7.1 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H 1.8 5.2
nvd@nist.gov 7.1 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H 1.8 5.2

Products Affected

Vendor Product Version
blackberry qnx_software_development_platform 6.6.0
blackberry qnx_software_development_platform 7.0
blackberry qnx_software_development_platform 7.1
CVE-2024-35213

An improper input validation vulnerability in the SGI Image Codec of QNX SDP version(s) 6.6, 7.0, and 7.1 could allow an attacker to potentially cause a denial-of-service condition or execute code in the context of the image processing process.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
secure@blackberry.com 9.0 CRITICAL CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H 2.2 6.0

Products Affected

Vendor Product Version
blackberry qnx_software_development_platform *
CVE-2024-35215

NULL pointer dereference in IP socket options processing of the Networking Stack in QNX Software Development Platform (SDP) version(s) 7.1 and 7.0 could allow an attacker with local access to cause a denial-of-service condition in the context of the Networking Stack process.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
secure@blackberry.com 6.2 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 2.5 3.6

Products Affected

Vendor Product Version
blackberry qnx_software_development_platform *
CVE-2024-48854

Off-by-one error in the TIFF image codec in QNX SDP versions 8.0, 7.1 and 7.0 could allow an unauthenticated attacker to cause an information disclosure in the context of the process using the image codec.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 3.9 3.6
secure@blackberry.com 5.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 3.9 1.4

Products Affected

Vendor Product Version
blackberry qnx_software_development_platform 7.0
blackberry qnx_software_development_platform 7.1
blackberry qnx_software_development_platform 8.0
CVE-2024-48855

Out-of-bounds read in the TIFF image codec in QNX SDP versions 8.0, 7.1 and 7.0 could allow an unauthenticated attacker to cause an information disclosure in the context of the process using the image codec.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
secure@blackberry.com 5.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 3.9 1.4
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 3.9 3.6

Products Affected

Vendor Product Version
blackberry qnx_software_development_platform 7.0
blackberry qnx_software_development_platform 7.1
blackberry qnx_software_development_platform 8.0
CVE-2024-48856

Out-of-bounds write in the PCX image codec in QNX SDP versions 8.0, 7.1 and 7.0 could allow an unauthenticated attacker to cause a denial-of-service condition or execute code in the context of the process using the image codec.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9
secure@blackberry.com 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

Products Affected

Vendor Product Version
blackberry qnx_software_development_platform 7.0
blackberry qnx_software_development_platform 7.1
blackberry qnx_software_development_platform 8.0
CVE-2024-48857

NULL pointer dereference in the PCX image codec in QNX SDP versions 8.0, 7.1 and 7.0 could allow an unauthenticated attacker to cause a denial-of-service condition in the context of the process using the image codec.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
secure@blackberry.com 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

Products Affected

Vendor Product Version
blackberry qnx_software_development_platform 7.0
blackberry qnx_software_development_platform 7.1
blackberry qnx_software_development_platform 8.0
CVE-2024-48858

Improper input validation in the PCX image codec in QNX SDP versions 8.0, 7.1 and 7.0 could allow an unauthenticated attacker to cause a denial-of-service condition in the context of the process using the image codec.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
secure@blackberry.com 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

Products Affected

Vendor Product Version
blackberry qnx_software_development_platform 7.0
blackberry qnx_software_development_platform 7.1
blackberry qnx_software_development_platform 8.0
CVE-2024-51723

A Stored Cross-Site Scripting (XSS) vulnerability in the Management Console of BlackBerry AtHoc version 7.15 could allow an attacker to potentially execute actions in the context of the victim's session.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
secure@blackberry.com 4.6 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N 2.1 2.5

Products Affected

Vendor Product Version
blackberry athoc 7.15
CVE-2025-12766

An Insecure Direct Object Reference (IDOR) vulnerability in the Management Console of BlackBerry® AtHoc® (OnPrem) version 7.21 could allow an attacker to potentially gain unauthorized knowledge about other organizations hosted on the same Interactive Warning System (IWS).

CVSS 3.x

Source Score Severity Vector Exploitability Impact
secure@blackberry.com 5.0 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N 3.1 1.4

Products Affected

Vendor Product Version
blackberry athoc 7.21
CVE-2025-2474

Out-of-bounds write in the PCX image codec in QNX SDP versions 8.0, 7.1 and 7.0 could allow an unauthenticated attacker to cause a denial-of-service condition or execute code in the context of the process using the image codec.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
secure@blackberry.com 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

Products Affected

Vendor Product Version
blackberry qnx_software_development_platform 7.0
blackberry qnx_software_development_platform 7.1
blackberry qnx_software_development_platform 8.0