Search criteria
6 vulnerabilities found for workspaces_vapp by blackberry
CVE-2017-9368 (GCVE-0-2017-9368)
Vulnerability from nvd – Published: 2017-10-16 21:00 – Updated: 2024-09-17 03:37
VLAI
Summary
An information disclosure vulnerability in the BlackBerry Workspaces Server could result in an attacker gaining access to source code for server-side applications by crafting a request for specific files.
Severity
No CVSS data available.
CWE
- Information disclosure
Assigner
References
2 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/96542 | vdb-entryx_refsource_BID |
| http://support.blackberry.com/kb/articleDetail?la… | x_refsource_CONFIRM |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| BlackBerry | Workspaces Server |
Affected:
BlackBerry Workspaces Server components Appliance-X 1.11.0 to 1.11.2, vApp versions 5.6.0 to 5.6.6, and vApp versions 5.5.9 and earlier
|
Date Public
2017-10-16 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T17:02:44.383Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "96542",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/96542"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.blackberry.com/kb/articleDetail?language=en_US\u0026articleNumber=000045696"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Workspaces Server",
"vendor": "BlackBerry",
"versions": [
{
"status": "affected",
"version": "BlackBerry Workspaces Server components Appliance-X 1.11.0 to 1.11.2, vApp versions 5.6.0 to 5.6.6, and vApp versions 5.5.9 and earlier"
}
]
}
],
"datePublic": "2017-10-16T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "An information disclosure vulnerability in the BlackBerry Workspaces Server could result in an attacker gaining access to source code for server-side applications by crafting a request for specific files."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-17T09:57:01.000Z",
"orgId": "dbe78b00-5e7b-4fda-8748-329789ecfc5c",
"shortName": "blackberry"
},
"references": [
{
"name": "96542",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/96542"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.blackberry.com/kb/articleDetail?language=en_US\u0026articleNumber=000045696"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@blackberry.com",
"DATE_PUBLIC": "2017-10-16T00:00:00",
"ID": "CVE-2017-9368",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Workspaces Server",
"version": {
"version_data": [
{
"version_value": "BlackBerry Workspaces Server components Appliance-X 1.11.0 to 1.11.2, vApp versions 5.6.0 to 5.6.6, and vApp versions 5.5.9 and earlier"
}
]
}
}
]
},
"vendor_name": "BlackBerry"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An information disclosure vulnerability in the BlackBerry Workspaces Server could result in an attacker gaining access to source code for server-side applications by crafting a request for specific files."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "96542",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/96542"
},
{
"name": "http://support.blackberry.com/kb/articleDetail?language=en_US\u0026articleNumber=000045696",
"refsource": "CONFIRM",
"url": "http://support.blackberry.com/kb/articleDetail?language=en_US\u0026articleNumber=000045696"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "dbe78b00-5e7b-4fda-8748-329789ecfc5c",
"assignerShortName": "blackberry",
"cveId": "CVE-2017-9368",
"datePublished": "2017-10-16T21:00:00.000Z",
"dateReserved": "2017-06-02T00:00:00.000Z",
"dateUpdated": "2024-09-17T03:37:37.243Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-9367 (GCVE-0-2017-9367)
Vulnerability from nvd – Published: 2017-10-16 21:00 – Updated: 2024-09-16 16:24
VLAI
Summary
A directory traversal vulnerability in the BlackBerry Workspaces Server could potentially allow an attacker to execute or upload arbitrary files, or reveal the content of arbitrary files anywhere on the web server by crafting a URL with a manipulated POST request.
Severity
No CVSS data available.
CWE
- Directory traversal
Assigner
References
1 reference
| URL | Tags |
|---|---|
| http://support.blackberry.com/kb/articleDetail?la… | x_refsource_CONFIRM |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| BlackBerry | Workspaces Server |
Affected:
BlackBerry Workspaces Server components Appliance-X 1.11.0 to 1.11.2, vApp versions 5.6.0 to 5.6.6, and vApp versions 5.5.9 and earlier
|
Date Public
2017-10-16 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T17:02:44.376Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.blackberry.com/kb/articleDetail?language=en_US\u0026articleNumber=000045696"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Workspaces Server",
"vendor": "BlackBerry",
"versions": [
{
"status": "affected",
"version": "BlackBerry Workspaces Server components Appliance-X 1.11.0 to 1.11.2, vApp versions 5.6.0 to 5.6.6, and vApp versions 5.5.9 and earlier"
}
]
}
],
"datePublic": "2017-10-16T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A directory traversal vulnerability in the BlackBerry Workspaces Server could potentially allow an attacker to execute or upload arbitrary files, or reveal the content of arbitrary files anywhere on the web server by crafting a URL with a manipulated POST request."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Directory traversal",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-16T20:57:01.000Z",
"orgId": "dbe78b00-5e7b-4fda-8748-329789ecfc5c",
"shortName": "blackberry"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.blackberry.com/kb/articleDetail?language=en_US\u0026articleNumber=000045696"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@blackberry.com",
"DATE_PUBLIC": "2017-10-16T00:00:00",
"ID": "CVE-2017-9367",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Workspaces Server",
"version": {
"version_data": [
{
"version_value": "BlackBerry Workspaces Server components Appliance-X 1.11.0 to 1.11.2, vApp versions 5.6.0 to 5.6.6, and vApp versions 5.5.9 and earlier"
}
]
}
}
]
},
"vendor_name": "BlackBerry"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A directory traversal vulnerability in the BlackBerry Workspaces Server could potentially allow an attacker to execute or upload arbitrary files, or reveal the content of arbitrary files anywhere on the web server by crafting a URL with a manipulated POST request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Directory traversal"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://support.blackberry.com/kb/articleDetail?language=en_US\u0026articleNumber=000045696",
"refsource": "CONFIRM",
"url": "http://support.blackberry.com/kb/articleDetail?language=en_US\u0026articleNumber=000045696"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "dbe78b00-5e7b-4fda-8748-329789ecfc5c",
"assignerShortName": "blackberry",
"cveId": "CVE-2017-9367",
"datePublished": "2017-10-16T21:00:00.000Z",
"dateReserved": "2017-06-02T00:00:00.000Z",
"dateUpdated": "2024-09-16T16:24:17.407Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-3890 (GCVE-0-2017-3890)
Vulnerability from nvd – Published: 2017-01-13 09:00 – Updated: 2024-08-05 14:39
VLAI
Summary
A reflected cross-site scripting vulnerability in the BlackBerry WatchDox Server components Appliance-X, version 1.8.1 and earlier, and vAPP, versions 4.6.0 to 5.4.1, allows remote attackers to execute script commands in the context of the affected browser by persuading a user to click an attacker-supplied malicious link.
Severity
No CVSS data available.
CWE
- cross-site scripting
Assigner
References
2 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/95442 | vdb-entryx_refsource_BID |
| http://support.blackberry.com/kb/articleDetail?ar… | x_refsource_CONFIRM |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| n/a | BlackBerry WatchDox Server |
Affected:
BlackBerry WatchDox Server
|
Date Public
2017-01-13 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:39:41.373Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "95442",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/95442"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.blackberry.com/kb/articleDetail?articleNumber=000038915"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "BlackBerry WatchDox Server",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "BlackBerry WatchDox Server"
}
]
}
],
"datePublic": "2017-01-13T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A reflected cross-site scripting vulnerability in the BlackBerry WatchDox Server components Appliance-X, version 1.8.1 and earlier, and vAPP, versions 4.6.0 to 5.4.1, allows remote attackers to execute script commands in the context of the affected browser by persuading a user to click an attacker-supplied malicious link."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "cross-site scripting",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-01-17T10:57:01.000Z",
"orgId": "dbe78b00-5e7b-4fda-8748-329789ecfc5c",
"shortName": "blackberry"
},
"references": [
{
"name": "95442",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/95442"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.blackberry.com/kb/articleDetail?articleNumber=000038915"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@blackberry.com",
"ID": "CVE-2017-3890",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "BlackBerry WatchDox Server",
"version": {
"version_data": [
{
"version_value": "BlackBerry WatchDox Server"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A reflected cross-site scripting vulnerability in the BlackBerry WatchDox Server components Appliance-X, version 1.8.1 and earlier, and vAPP, versions 4.6.0 to 5.4.1, allows remote attackers to execute script commands in the context of the affected browser by persuading a user to click an attacker-supplied malicious link."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "cross-site scripting"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "95442",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95442"
},
{
"name": "http://support.blackberry.com/kb/articleDetail?articleNumber=000038915",
"refsource": "CONFIRM",
"url": "http://support.blackberry.com/kb/articleDetail?articleNumber=000038915"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "dbe78b00-5e7b-4fda-8748-329789ecfc5c",
"assignerShortName": "blackberry",
"cveId": "CVE-2017-3890",
"datePublished": "2017-01-13T09:00:00.000Z",
"dateReserved": "2016-12-21T00:00:00.000Z",
"dateUpdated": "2024-08-05T14:39:41.373Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-9367 (GCVE-0-2017-9367)
Vulnerability from cvelistv5 – Published: 2017-10-16 21:00 – Updated: 2024-09-16 16:24
VLAI
Summary
A directory traversal vulnerability in the BlackBerry Workspaces Server could potentially allow an attacker to execute or upload arbitrary files, or reveal the content of arbitrary files anywhere on the web server by crafting a URL with a manipulated POST request.
Severity
No CVSS data available.
CWE
- Directory traversal
Assigner
References
1 reference
| URL | Tags |
|---|---|
| http://support.blackberry.com/kb/articleDetail?la… | x_refsource_CONFIRM |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| BlackBerry | Workspaces Server |
Affected:
BlackBerry Workspaces Server components Appliance-X 1.11.0 to 1.11.2, vApp versions 5.6.0 to 5.6.6, and vApp versions 5.5.9 and earlier
|
Date Public
2017-10-16 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T17:02:44.376Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.blackberry.com/kb/articleDetail?language=en_US\u0026articleNumber=000045696"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Workspaces Server",
"vendor": "BlackBerry",
"versions": [
{
"status": "affected",
"version": "BlackBerry Workspaces Server components Appliance-X 1.11.0 to 1.11.2, vApp versions 5.6.0 to 5.6.6, and vApp versions 5.5.9 and earlier"
}
]
}
],
"datePublic": "2017-10-16T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A directory traversal vulnerability in the BlackBerry Workspaces Server could potentially allow an attacker to execute or upload arbitrary files, or reveal the content of arbitrary files anywhere on the web server by crafting a URL with a manipulated POST request."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Directory traversal",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-16T20:57:01.000Z",
"orgId": "dbe78b00-5e7b-4fda-8748-329789ecfc5c",
"shortName": "blackberry"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.blackberry.com/kb/articleDetail?language=en_US\u0026articleNumber=000045696"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@blackberry.com",
"DATE_PUBLIC": "2017-10-16T00:00:00",
"ID": "CVE-2017-9367",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Workspaces Server",
"version": {
"version_data": [
{
"version_value": "BlackBerry Workspaces Server components Appliance-X 1.11.0 to 1.11.2, vApp versions 5.6.0 to 5.6.6, and vApp versions 5.5.9 and earlier"
}
]
}
}
]
},
"vendor_name": "BlackBerry"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A directory traversal vulnerability in the BlackBerry Workspaces Server could potentially allow an attacker to execute or upload arbitrary files, or reveal the content of arbitrary files anywhere on the web server by crafting a URL with a manipulated POST request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Directory traversal"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://support.blackberry.com/kb/articleDetail?language=en_US\u0026articleNumber=000045696",
"refsource": "CONFIRM",
"url": "http://support.blackberry.com/kb/articleDetail?language=en_US\u0026articleNumber=000045696"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "dbe78b00-5e7b-4fda-8748-329789ecfc5c",
"assignerShortName": "blackberry",
"cveId": "CVE-2017-9367",
"datePublished": "2017-10-16T21:00:00.000Z",
"dateReserved": "2017-06-02T00:00:00.000Z",
"dateUpdated": "2024-09-16T16:24:17.407Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-9368 (GCVE-0-2017-9368)
Vulnerability from cvelistv5 – Published: 2017-10-16 21:00 – Updated: 2024-09-17 03:37
VLAI
Summary
An information disclosure vulnerability in the BlackBerry Workspaces Server could result in an attacker gaining access to source code for server-side applications by crafting a request for specific files.
Severity
No CVSS data available.
CWE
- Information disclosure
Assigner
References
2 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/96542 | vdb-entryx_refsource_BID |
| http://support.blackberry.com/kb/articleDetail?la… | x_refsource_CONFIRM |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| BlackBerry | Workspaces Server |
Affected:
BlackBerry Workspaces Server components Appliance-X 1.11.0 to 1.11.2, vApp versions 5.6.0 to 5.6.6, and vApp versions 5.5.9 and earlier
|
Date Public
2017-10-16 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T17:02:44.383Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "96542",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/96542"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.blackberry.com/kb/articleDetail?language=en_US\u0026articleNumber=000045696"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Workspaces Server",
"vendor": "BlackBerry",
"versions": [
{
"status": "affected",
"version": "BlackBerry Workspaces Server components Appliance-X 1.11.0 to 1.11.2, vApp versions 5.6.0 to 5.6.6, and vApp versions 5.5.9 and earlier"
}
]
}
],
"datePublic": "2017-10-16T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "An information disclosure vulnerability in the BlackBerry Workspaces Server could result in an attacker gaining access to source code for server-side applications by crafting a request for specific files."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-17T09:57:01.000Z",
"orgId": "dbe78b00-5e7b-4fda-8748-329789ecfc5c",
"shortName": "blackberry"
},
"references": [
{
"name": "96542",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/96542"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.blackberry.com/kb/articleDetail?language=en_US\u0026articleNumber=000045696"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@blackberry.com",
"DATE_PUBLIC": "2017-10-16T00:00:00",
"ID": "CVE-2017-9368",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Workspaces Server",
"version": {
"version_data": [
{
"version_value": "BlackBerry Workspaces Server components Appliance-X 1.11.0 to 1.11.2, vApp versions 5.6.0 to 5.6.6, and vApp versions 5.5.9 and earlier"
}
]
}
}
]
},
"vendor_name": "BlackBerry"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An information disclosure vulnerability in the BlackBerry Workspaces Server could result in an attacker gaining access to source code for server-side applications by crafting a request for specific files."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "96542",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/96542"
},
{
"name": "http://support.blackberry.com/kb/articleDetail?language=en_US\u0026articleNumber=000045696",
"refsource": "CONFIRM",
"url": "http://support.blackberry.com/kb/articleDetail?language=en_US\u0026articleNumber=000045696"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "dbe78b00-5e7b-4fda-8748-329789ecfc5c",
"assignerShortName": "blackberry",
"cveId": "CVE-2017-9368",
"datePublished": "2017-10-16T21:00:00.000Z",
"dateReserved": "2017-06-02T00:00:00.000Z",
"dateUpdated": "2024-09-17T03:37:37.243Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-3890 (GCVE-0-2017-3890)
Vulnerability from cvelistv5 – Published: 2017-01-13 09:00 – Updated: 2024-08-05 14:39
VLAI
Summary
A reflected cross-site scripting vulnerability in the BlackBerry WatchDox Server components Appliance-X, version 1.8.1 and earlier, and vAPP, versions 4.6.0 to 5.4.1, allows remote attackers to execute script commands in the context of the affected browser by persuading a user to click an attacker-supplied malicious link.
Severity
No CVSS data available.
CWE
- cross-site scripting
Assigner
References
2 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/95442 | vdb-entryx_refsource_BID |
| http://support.blackberry.com/kb/articleDetail?ar… | x_refsource_CONFIRM |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| n/a | BlackBerry WatchDox Server |
Affected:
BlackBerry WatchDox Server
|
Date Public
2017-01-13 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:39:41.373Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "95442",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/95442"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.blackberry.com/kb/articleDetail?articleNumber=000038915"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "BlackBerry WatchDox Server",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "BlackBerry WatchDox Server"
}
]
}
],
"datePublic": "2017-01-13T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A reflected cross-site scripting vulnerability in the BlackBerry WatchDox Server components Appliance-X, version 1.8.1 and earlier, and vAPP, versions 4.6.0 to 5.4.1, allows remote attackers to execute script commands in the context of the affected browser by persuading a user to click an attacker-supplied malicious link."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "cross-site scripting",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-01-17T10:57:01.000Z",
"orgId": "dbe78b00-5e7b-4fda-8748-329789ecfc5c",
"shortName": "blackberry"
},
"references": [
{
"name": "95442",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/95442"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.blackberry.com/kb/articleDetail?articleNumber=000038915"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@blackberry.com",
"ID": "CVE-2017-3890",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "BlackBerry WatchDox Server",
"version": {
"version_data": [
{
"version_value": "BlackBerry WatchDox Server"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A reflected cross-site scripting vulnerability in the BlackBerry WatchDox Server components Appliance-X, version 1.8.1 and earlier, and vAPP, versions 4.6.0 to 5.4.1, allows remote attackers to execute script commands in the context of the affected browser by persuading a user to click an attacker-supplied malicious link."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "cross-site scripting"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "95442",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95442"
},
{
"name": "http://support.blackberry.com/kb/articleDetail?articleNumber=000038915",
"refsource": "CONFIRM",
"url": "http://support.blackberry.com/kb/articleDetail?articleNumber=000038915"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "dbe78b00-5e7b-4fda-8748-329789ecfc5c",
"assignerShortName": "blackberry",
"cveId": "CVE-2017-3890",
"datePublished": "2017-01-13T09:00:00.000Z",
"dateReserved": "2016-12-21T00:00:00.000Z",
"dateUpdated": "2024-08-05T14:39:41.373Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}