SecurityTracker.com
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 


Category:   Application (Generic)  >   BlackBerry Enterprise Server Vendors:   Research In Motion Limited
BlackBerry Enterprise Server Flaw Lets Remote Users Obtain User Login Credentials in Certain Cases
SecurityTracker Alert ID:  1037584
SecurityTracker URL:  http://securitytracker.com/id/1037584
CVE Reference:   CVE-2016-3130   (Links to External Site)
Date:  Jan 12 2017
Impact:   Disclosure of authentication information
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): 12.5.2 and prior
Description:   A vulnerability was reported in BlackBerry Enterprise Server. A remote user can obtain login credentials in certain cases.

A remote user can that can monitor the network between the target BlackBerry Enterprise Server (BES) Core and the Management Console can obtain login credentials for users that access the Management Console and self-service portal.

Impact:   A remote user that can monitor the network can obtain login credentials.
Solution:   The vendor has issued a fix (12.6).

The vendor advisory is available at:

http://support.blackberry.com/kb/articleDetail?articleNumber=000038914

Vendor URL:  support.blackberry.com/kb/articleDetail?articleNumber=000038914 (Links to External Site)
Cause:   Not specified
Underlying OS:  Windows (2008), Windows (2012)

Message History:   None.


 Source Message Contents



[Original Message Not Available for Viewing]


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2019, SecurityGlobal.net LLC