Lucene search

[email protected]CVE-2007-3483

HistoryJun 28, 2007 - 8:30 p.m.

CVE-2007-3483

2007-06-2820:30:00

[email protected]

web.nvd.nist.gov

research in motion

bes

blackberry

enterprise server

cve-2007-3483

third-party applications

malware

security vulnerability

6.7 Medium

AI Score

Confidence

High

10 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.004 Low

EPSS

Percentile

73.7%

JSON

Research in Motion BlackBerry Enterprise Server 4.0 through 4.1 has a default configuration that permits installation of arbitrary third-party applications on BlackBerry devices, which might facilitate loading of malware.

Affected configurations

NVD

Node

rimblackberry_enterprise_serverMatch4.0

rimblackberry_enterprise_serverMatch4.1

CPENameOperatorVersion
rim:blackberry_enterprise_serverrim blackberry enterprise servereq4.0
rim:blackberry_enterprise_serverrim blackberry enterprise servereq4.1

CPE	Name	Operator	Version
rim:blackberry_enterprise_server	rim blackberry enterprise server	eq	4.0
rim:blackberry_enterprise_server	rim blackberry enterprise server	eq	4.1

References

www.blackberry.com/btsc/articles/968/KB05499_f.SAL_Public.html

www.praetoriang.net/presentations/blackjack.html

exchange.xforce.ibmcloud.com/vulnerabilities/35442

6.7 Medium

AI Score

Confidence

High

10 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.004 Low

EPSS

Percentile

73.7%

JSON

Related for CVE-2007-3483

nvd1 prion1 cvelist1