Vulnerability Name: | CCN-13112 | ||||||
Published: | 2003-09-04 | ||||||
Updated: | 2003-09-04 | ||||||
Summary: | BlackBerry Enterprise Server could allow a remote attacker to obtain sensitive information. If a password-protected attachment is sent to multiple Blackberry users at the same time, and one user enters the correct password to view the attachment, all of the users can view the attachment without entering the password. This vulnerability could be exploited to obtain sensitive information. | ||||||
CVSS v3 Severity: | 5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)
| ||||||
CVSS v2 Severity: | 5.0 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N)
| ||||||
Vulnerability Consequences: | Bypass Security | ||||||
References: | Source: CCN Type: Blackberry Web site Release Notes Source: CCN Type: BID-8544 Multiple Blackberry Enterprise Server Vulnerabilities Source: XF Type: UNKNOWN blackberry-attachment-bypass-security(13112) | ||||||
Vulnerable Configuration: | Configuration CCN 1:![]() | ||||||
BACK |