exploitDog

CVE-2019-8999

Опубликовано: 18 апр. 2019

Источник: nvd

CVSS3: 7.5

CVSS2: 5

EPSS Низкий

Описание

An XML External Entity vulnerability in the UEM Core of BlackBerry UEM version(s) earlier than 12.10.1a could allow an attacker to potentially gain read access to files on any system reachable by the UEM service account.

Ссылки

http://support.blackberry.com/kb/articleDetail?articleNumber=000056241
Mitigation
Patch
Vendor Advisory
http://support.blackberry.com/kb/articleDetail?articleNumber=000056241
Mitigation
Patch
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:blackberry:unified_endpoint_management:*:*:*:*:*:*:*:*

Версия до 12.10.1a (включая)

EPSS

Процентиль: 63%

0.0044

Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-611

Связанные уязвимости

GHSA-qxhf-xwcg-8fxp

CVSS3: 7.5

github

больше 3 лет назад

An XML External Entity vulnerability in the UEM Core of BlackBerry UEM version(s) earlier than 12.10.1a could allow an attacker to potentially gain read access to files on any system reachable by the UEM service account.

EPSS

Процентиль: 63%

0.0044

Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-611