CVE-2017-9370

2017-08-0917:00:00

blackberry

www.cve.org

AI Score

8.4

Confidence

High

EPSS

0.001

Percentile

34.0%

JSON

An information disclosure / elevation of privilege vulnerability in the BlackBerry Workspaces Server could potentially allow an attacker who has legitimate access to BlackBerry Workspaces to gain access to another user’s workspace by making multiple login requests to the server.

CNA Affected

[
  {
    "product": "BlackBerry Workspaces Server; WatchDox by BlackBerry Server",
    "vendor": "BlackBerry",
    "versions": [
      {
        "status": "affected",
        "version": "Appliance-X versions 1.11.0 to 1.11.1"
      },
      {
        "status": "affected",
        "version": "Appliance-X versions 1.6.0 to 1.10.2"
      },
      {
        "status": "affected",
        "version": "vApp versions 5.6.0 to 5.6.4"
      },
      {
        "status": "affected",
        "version": "vApp versions 5.5.0 to 5.5.8"
      },
      {
        "status": "affected",
        "version": "vApp versions 5.1.0 to 5.4.8"
      }
    ]
  }
]

References

support.blackberry.com/kb/articleDetail?language=en_US&articleNumber=000045350