CVE-2016-3130

Sažetak

An information disclosure vulnerability in the Core and Management Console in BlackBerry Enterprise Server (BES) 12 through 12.5.2 allows remote attackers to obtain local or domain credentials of an administrator or user account by sniffing traffic between the two elements during a login attempt.

Reference

http://support.blackberry.com/kb/articleDetail?articleNumber=000038914
http://www.securityfocus.com/bid/95924
http://www.securitytracker.com/id/1037584

CVSS

Base:	4.3
Impact:	2.9
Exploitability:	8.6

Pristup

Vektor	Složenost	Autentikacija
NETWORK	MEDIUM	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	NONE	NONE

CVSS vektor

AV:N/AC:M/Au:N/C:P/I:N/A:N

Zadnje važnije ažuriranje

03-02-2017 - 02:59

Objavljeno

13-01-2017 - 09:59