CVE-2016-3128

Sažetak

A spoofing vulnerability in the Core of BlackBerry Enterprise Server (BES) 12 through 12.5.2 allows remote attackers to enroll an illegitimate device to the BES, gain access to device parameters for the BES, or send false information to the BES by gaining access to specific information about a device that was legitimately enrolled on the BES.

Reference

http://support.blackberry.com/kb/articleDetail?articleNumber=000038913
http://www.securityfocus.com/bid/95624
http://www.securitytracker.com/id/1037585

CVSS

Base:	6.4
Impact:	4.9
Exploitability:	10.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	NONE

CVSS vektor

AV:N/AC:L/Au:N/C:P/I:P/A:N

Zadnje važnije ažuriranje

20-01-2017 - 02:59

Objavljeno

13-01-2017 - 09:59