3 matches found
CVE-2017-9367
BlackBerry Workspaces Server contains a directory traversal vulnerability that can be exploited via a manipulated POST URL to execute or upload arbitrary files and disclose arbitrary content on the web server. Affected: BlackBerry Workspaces Server (path traversal in POST handling). Root cause: i...
CVE-2017-3890
CVE-2017-3890 is a reflected cross-site scripting vulnerability in BlackBerry WatchDox Server components, affecting Appliance-X (version 1.8.1 and earlier) and vAPP (versions 4.6.0–5.4.1). The issue allows a remote attacker to cause script execution in the context of the affected browser by convi...
CVE-2017-9368
CVE-2017-9368 affects BlackBerry Workspaces Server. An information disclosure vulnerability allows an attacker to gain access to source code for server‑side applications by crafting requests for specific files. Exploitation is shown as network‑accessible with low attack complexity and no authenti...