Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Blackberry Enterprise Service Security Vulnerabilities

cve
cve

CVE-2013-3693

The BlackBerry Universal Device Service in BlackBerry Enterprise Service (BES) 10.0 through 10.1.2 does not properly restrict access to the JBoss Remote Method Invocation (RMI) interface, which allows remote attackers to upload and execute arbitrary packages via a request to port 1098.

7.6AI Score

0.001EPSS

2022-10-03 04:14 PM
19
cve
cve

CVE-2014-1467

BlackBerry Enterprise Service 10 before 10.2.1, Universal Device Service 6, Enterprise Server Express for Domino through 5.0.4, Enterprise Server Express for Exchange through 5.0.4, Enterprise Server for Domino through 5.0.4 MR6, Enterprise Server for Exchange through 5.0.4 MR6, and Enterprise Serv...

6.2AI Score

0.002EPSS

2014-02-14 01:10 PM
22
cve
cve

CVE-2014-1469

BlackBerry Enterprise Server 5.x before 5.0.4 MR7 and Enterprise Service 10.x before 10.2.2 log cleartext credentials during exception handling, which allows local users to obtain sensitive information by reading the exception log file.

6AI Score

0.0004EPSS

2014-08-18 11:15 AM
22
cve
cve

CVE-2016-1914

Multiple SQL injection vulnerabilities in the com.rim.mdm.ui.server.ImageServlet servlet in BlackBerry Enterprise Server 12 (BES12) Self-Service before 12.4 allow remote attackers to execute arbitrary SQL commands via the imageName parameter to (1) mydevice/client/image, (2) admin/client/image, (3)...

8.8CVSS

9.3AI Score

0.006EPSS

2017-04-13 02:59 PM
27
cve
cve

CVE-2016-1915

Multiple cross-site scripting (XSS) vulnerabilities in BlackBerry Enterprise Server 12 (BES12) Self-Service before 12.4 allow remote attackers to inject arbitrary web script or HTML via the locale parameter to (1) mydevice/index.jsp or (2) mydevice/loggedOut.jsp.

6.1CVSS

6.7AI Score

0.002EPSS

2017-04-13 02:59 PM
33
cve
cve

CVE-2016-3128

A spoofing vulnerability in the Core of BlackBerry Enterprise Server (BES) 12 through 12.5.2 allows remote attackers to enroll an illegitimate device to the BES, gain access to device parameters for the BES, or send false information to the BES by gaining access to specific information about a devi...

8.2CVSS

8.1AI Score

0.004EPSS

2017-01-13 09:59 AM
18
cve
cve

CVE-2016-3130

An information disclosure vulnerability in the Core and Management Console in BlackBerry Enterprise Server (BES) 12 through 12.5.2 allows remote attackers to obtain local or domain credentials of an administrator or user account by sniffing traffic between the two elements during a login attempt.

8.1CVSS

7.5AI Score

0.008EPSS

2017-01-13 09:59 AM
14
cve
cve

CVE-2017-3894

A stored cross site scripting vulnerability in the Management Console of BlackBerry Unified Endpoint Manager version 12.6.1 and earlier, and all versions of BES12, allows attackers to execute actions in the context of a Management Console administrator by uploading a malicious script and then persu...

6.1CVSS

6AI Score

0.001EPSS

2017-05-10 04:29 PM
24