Search

Find a vulnerability

Search criteria

    6 vulnerabilities found for BlackBerry UEM by BlackBerry

    CVE-2018-8892 (GCVE-0-2018-8892)

    Vulnerability from nvd – Published: 2018-12-20 20:00 – Updated: 2024-08-05 07:10
    VLAI
    Summary
    A cross-site request forgery (CSRF) vulnerability in the Management Console of BlackBerry UEM versions earlier than 12.9.1 could allow an attacker to make modifications to the UEM settings in the context of a Management Console administrator.
    Severity
    No CVSS data available.
    CWE
    • Cross-Site Request Forgery
    Assigner
    References
    Impacted products
    Vendor Product Version
    BlackBerry BlackBerry UEM Affected: 12.9.0 and earlier
    Create a notification for this product.
    Date Public
    2018-12-20 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T07:10:46.755Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://support.blackberry.com/kb/articleDetail?articleNumber=000054162"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "BlackBerry UEM",
              "vendor": "BlackBerry",
              "versions": [
                {
                  "status": "affected",
                  "version": "12.9.0 and earlier"
                }
              ]
            }
          ],
          "datePublic": "2018-12-20T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A cross-site request forgery (CSRF) vulnerability in the Management Console of BlackBerry UEM versions earlier than 12.9.1 could allow an attacker to make modifications to the UEM settings in the context of a Management Console administrator."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Cross-Site Request Forgery",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-12-20T19:57:01.000Z",
            "orgId": "dbe78b00-5e7b-4fda-8748-329789ecfc5c",
            "shortName": "blackberry"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://support.blackberry.com/kb/articleDetail?articleNumber=000054162"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "secure@blackberry.com",
              "ID": "CVE-2018-8892",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "BlackBerry UEM",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "12.9.0 and earlier"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "BlackBerry"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "A cross-site request forgery (CSRF) vulnerability in the Management Console of BlackBerry UEM versions earlier than 12.9.1 could allow an attacker to make modifications to the UEM settings in the context of a Management Console administrator."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Cross-Site Request Forgery"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://support.blackberry.com/kb/articleDetail?articleNumber=000054162",
                  "refsource": "CONFIRM",
                  "url": "http://support.blackberry.com/kb/articleDetail?articleNumber=000054162"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "dbe78b00-5e7b-4fda-8748-329789ecfc5c",
        "assignerShortName": "blackberry",
        "cveId": "CVE-2018-8892",
        "datePublished": "2018-12-20T20:00:00.000Z",
        "dateReserved": "2018-03-21T00:00:00.000Z",
        "dateUpdated": "2024-08-05T07:10:46.755Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2018-8891 (GCVE-0-2018-8891)

    Vulnerability from nvd – Published: 2018-12-20 20:00 – Updated: 2024-08-05 07:10
    VLAI
    Summary
    Multiple stored cross-site scripting (XSS) vulnerabilities in the Management Console of BlackBerry UEM versions earlier than 12.9.1 could allow an attacker to store script commands that could later be executed in the context of another Management Console administrator.
    Severity
    No CVSS data available.
    CWE
    • Stored Cross-Site Scripting
    Assigner
    References
    Impacted products
    Vendor Product Version
    BlackBerry BlackBerry UEM Affected: 12.9.0 and earlier
    Create a notification for this product.
    Date Public
    2018-12-20 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T07:10:46.960Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://support.blackberry.com/kb/articleDetail?articleNumber=000054162"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "BlackBerry UEM",
              "vendor": "BlackBerry",
              "versions": [
                {
                  "status": "affected",
                  "version": "12.9.0 and earlier"
                }
              ]
            }
          ],
          "datePublic": "2018-12-20T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple stored cross-site scripting (XSS) vulnerabilities in the Management Console of BlackBerry UEM versions earlier than 12.9.1 could allow an attacker to store script commands that could later be executed in the context of another Management Console administrator."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Stored Cross-Site Scripting",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-12-20T19:57:01.000Z",
            "orgId": "dbe78b00-5e7b-4fda-8748-329789ecfc5c",
            "shortName": "blackberry"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://support.blackberry.com/kb/articleDetail?articleNumber=000054162"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "secure@blackberry.com",
              "ID": "CVE-2018-8891",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "BlackBerry UEM",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "12.9.0 and earlier"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "BlackBerry"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Multiple stored cross-site scripting (XSS) vulnerabilities in the Management Console of BlackBerry UEM versions earlier than 12.9.1 could allow an attacker to store script commands that could later be executed in the context of another Management Console administrator."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Stored Cross-Site Scripting"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://support.blackberry.com/kb/articleDetail?articleNumber=000054162",
                  "refsource": "CONFIRM",
                  "url": "http://support.blackberry.com/kb/articleDetail?articleNumber=000054162"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "dbe78b00-5e7b-4fda-8748-329789ecfc5c",
        "assignerShortName": "blackberry",
        "cveId": "CVE-2018-8891",
        "datePublished": "2018-12-20T20:00:00.000Z",
        "dateReserved": "2018-03-21T00:00:00.000Z",
        "dateUpdated": "2024-08-05T07:10:46.960Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2018-8888 (GCVE-0-2018-8888)

    Vulnerability from nvd – Published: 2018-12-20 20:00 – Updated: 2024-08-05 07:10
    VLAI
    Summary
    A stored cross-site scripting (XSS) vulnerability in the Management Console of BlackBerry UEM versions earlier than 12.10.0 could allow an attacker to store script commands that could later be executed in the context of another Management Console administrator.
    Severity
    No CVSS data available.
    CWE
    • Stored Cross-Site Scripting
    Assigner
    References
    Impacted products
    Vendor Product Version
    BlackBerry BlackBerry UEM Affected: 12.9.1 and earlier
    Create a notification for this product.
    Date Public
    2018-12-20 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T07:10:46.639Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://support.blackberry.com/kb/articleDetail?articleNumber=000054162"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "BlackBerry UEM",
              "vendor": "BlackBerry",
              "versions": [
                {
                  "status": "affected",
                  "version": "12.9.1 and earlier"
                }
              ]
            }
          ],
          "datePublic": "2018-12-20T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A stored cross-site scripting (XSS) vulnerability in the Management Console of BlackBerry UEM versions earlier than 12.10.0 could allow an attacker to store script commands that could later be executed in the context of another Management Console administrator."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Stored Cross-Site Scripting",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-12-20T19:57:01.000Z",
            "orgId": "dbe78b00-5e7b-4fda-8748-329789ecfc5c",
            "shortName": "blackberry"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://support.blackberry.com/kb/articleDetail?articleNumber=000054162"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "secure@blackberry.com",
              "ID": "CVE-2018-8888",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "BlackBerry UEM",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "12.9.1 and earlier"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "BlackBerry"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "A stored cross-site scripting (XSS) vulnerability in the Management Console of BlackBerry UEM versions earlier than 12.10.0 could allow an attacker to store script commands that could later be executed in the context of another Management Console administrator."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Stored Cross-Site Scripting"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://support.blackberry.com/kb/articleDetail?articleNumber=000054162",
                  "refsource": "CONFIRM",
                  "url": "http://support.blackberry.com/kb/articleDetail?articleNumber=000054162"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "dbe78b00-5e7b-4fda-8748-329789ecfc5c",
        "assignerShortName": "blackberry",
        "cveId": "CVE-2018-8888",
        "datePublished": "2018-12-20T20:00:00.000Z",
        "dateReserved": "2018-03-21T00:00:00.000Z",
        "dateUpdated": "2024-08-05T07:10:46.639Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2018-8888 (GCVE-0-2018-8888)

    Vulnerability from cvelistv5 – Published: 2018-12-20 20:00 – Updated: 2024-08-05 07:10
    VLAI
    Summary
    A stored cross-site scripting (XSS) vulnerability in the Management Console of BlackBerry UEM versions earlier than 12.10.0 could allow an attacker to store script commands that could later be executed in the context of another Management Console administrator.
    Severity
    No CVSS data available.
    CWE
    • Stored Cross-Site Scripting
    Assigner
    References
    Impacted products
    Vendor Product Version
    BlackBerry BlackBerry UEM Affected: 12.9.1 and earlier
    Create a notification for this product.
    Date Public
    2018-12-20 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T07:10:46.639Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://support.blackberry.com/kb/articleDetail?articleNumber=000054162"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "BlackBerry UEM",
              "vendor": "BlackBerry",
              "versions": [
                {
                  "status": "affected",
                  "version": "12.9.1 and earlier"
                }
              ]
            }
          ],
          "datePublic": "2018-12-20T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A stored cross-site scripting (XSS) vulnerability in the Management Console of BlackBerry UEM versions earlier than 12.10.0 could allow an attacker to store script commands that could later be executed in the context of another Management Console administrator."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Stored Cross-Site Scripting",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-12-20T19:57:01.000Z",
            "orgId": "dbe78b00-5e7b-4fda-8748-329789ecfc5c",
            "shortName": "blackberry"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://support.blackberry.com/kb/articleDetail?articleNumber=000054162"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "secure@blackberry.com",
              "ID": "CVE-2018-8888",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "BlackBerry UEM",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "12.9.1 and earlier"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "BlackBerry"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "A stored cross-site scripting (XSS) vulnerability in the Management Console of BlackBerry UEM versions earlier than 12.10.0 could allow an attacker to store script commands that could later be executed in the context of another Management Console administrator."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Stored Cross-Site Scripting"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://support.blackberry.com/kb/articleDetail?articleNumber=000054162",
                  "refsource": "CONFIRM",
                  "url": "http://support.blackberry.com/kb/articleDetail?articleNumber=000054162"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "dbe78b00-5e7b-4fda-8748-329789ecfc5c",
        "assignerShortName": "blackberry",
        "cveId": "CVE-2018-8888",
        "datePublished": "2018-12-20T20:00:00.000Z",
        "dateReserved": "2018-03-21T00:00:00.000Z",
        "dateUpdated": "2024-08-05T07:10:46.639Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2018-8892 (GCVE-0-2018-8892)

    Vulnerability from cvelistv5 – Published: 2018-12-20 20:00 – Updated: 2024-08-05 07:10
    VLAI
    Summary
    A cross-site request forgery (CSRF) vulnerability in the Management Console of BlackBerry UEM versions earlier than 12.9.1 could allow an attacker to make modifications to the UEM settings in the context of a Management Console administrator.
    Severity
    No CVSS data available.
    CWE
    • Cross-Site Request Forgery
    Assigner
    References
    Impacted products
    Vendor Product Version
    BlackBerry BlackBerry UEM Affected: 12.9.0 and earlier
    Create a notification for this product.
    Date Public
    2018-12-20 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T07:10:46.755Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://support.blackberry.com/kb/articleDetail?articleNumber=000054162"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "BlackBerry UEM",
              "vendor": "BlackBerry",
              "versions": [
                {
                  "status": "affected",
                  "version": "12.9.0 and earlier"
                }
              ]
            }
          ],
          "datePublic": "2018-12-20T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A cross-site request forgery (CSRF) vulnerability in the Management Console of BlackBerry UEM versions earlier than 12.9.1 could allow an attacker to make modifications to the UEM settings in the context of a Management Console administrator."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Cross-Site Request Forgery",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-12-20T19:57:01.000Z",
            "orgId": "dbe78b00-5e7b-4fda-8748-329789ecfc5c",
            "shortName": "blackberry"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://support.blackberry.com/kb/articleDetail?articleNumber=000054162"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "secure@blackberry.com",
              "ID": "CVE-2018-8892",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "BlackBerry UEM",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "12.9.0 and earlier"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "BlackBerry"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "A cross-site request forgery (CSRF) vulnerability in the Management Console of BlackBerry UEM versions earlier than 12.9.1 could allow an attacker to make modifications to the UEM settings in the context of a Management Console administrator."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Cross-Site Request Forgery"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://support.blackberry.com/kb/articleDetail?articleNumber=000054162",
                  "refsource": "CONFIRM",
                  "url": "http://support.blackberry.com/kb/articleDetail?articleNumber=000054162"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "dbe78b00-5e7b-4fda-8748-329789ecfc5c",
        "assignerShortName": "blackberry",
        "cveId": "CVE-2018-8892",
        "datePublished": "2018-12-20T20:00:00.000Z",
        "dateReserved": "2018-03-21T00:00:00.000Z",
        "dateUpdated": "2024-08-05T07:10:46.755Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2018-8891 (GCVE-0-2018-8891)

    Vulnerability from cvelistv5 – Published: 2018-12-20 20:00 – Updated: 2024-08-05 07:10
    VLAI
    Summary
    Multiple stored cross-site scripting (XSS) vulnerabilities in the Management Console of BlackBerry UEM versions earlier than 12.9.1 could allow an attacker to store script commands that could later be executed in the context of another Management Console administrator.
    Severity
    No CVSS data available.
    CWE
    • Stored Cross-Site Scripting
    Assigner
    References
    Impacted products
    Vendor Product Version
    BlackBerry BlackBerry UEM Affected: 12.9.0 and earlier
    Create a notification for this product.
    Date Public
    2018-12-20 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T07:10:46.960Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://support.blackberry.com/kb/articleDetail?articleNumber=000054162"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "BlackBerry UEM",
              "vendor": "BlackBerry",
              "versions": [
                {
                  "status": "affected",
                  "version": "12.9.0 and earlier"
                }
              ]
            }
          ],
          "datePublic": "2018-12-20T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple stored cross-site scripting (XSS) vulnerabilities in the Management Console of BlackBerry UEM versions earlier than 12.9.1 could allow an attacker to store script commands that could later be executed in the context of another Management Console administrator."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Stored Cross-Site Scripting",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-12-20T19:57:01.000Z",
            "orgId": "dbe78b00-5e7b-4fda-8748-329789ecfc5c",
            "shortName": "blackberry"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://support.blackberry.com/kb/articleDetail?articleNumber=000054162"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "secure@blackberry.com",
              "ID": "CVE-2018-8891",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "BlackBerry UEM",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "12.9.0 and earlier"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "BlackBerry"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Multiple stored cross-site scripting (XSS) vulnerabilities in the Management Console of BlackBerry UEM versions earlier than 12.9.1 could allow an attacker to store script commands that could later be executed in the context of another Management Console administrator."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Stored Cross-Site Scripting"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://support.blackberry.com/kb/articleDetail?articleNumber=000054162",
                  "refsource": "CONFIRM",
                  "url": "http://support.blackberry.com/kb/articleDetail?articleNumber=000054162"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "dbe78b00-5e7b-4fda-8748-329789ecfc5c",
        "assignerShortName": "blackberry",
        "cveId": "CVE-2018-8891",
        "datePublished": "2018-12-20T20:00:00.000Z",
        "dateReserved": "2018-03-21T00:00:00.000Z",
        "dateUpdated": "2024-08-05T07:10:46.960Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }