← Volver a CVEs
CVE-2020-6932
CRITICAL10.0
Descripcion
An information disclosure and remote code execution vulnerability in the slinger web server of the BlackBerry QNX Software Development Platform versions 6.4.0 to 6.6.0 could allow an attacker to potentially read arbitrary files and run arbitrary executables in the context of the web server.
Detalles CVE
Puntuacion CVSS v3.110.0
SeveridadCRITICAL
Vector CVSSCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:L
Vector de ataqueNETWORK
ComplejidadLOW
Privilegios requeridosNONE
Interaccion usuarioNONE
Publicado8/12/2020
Ultima modificacion8/22/2025
Fuentenvd
Avistamientos honeypot0
Productos afectados
blackberry:qnx_software_development_platform
Debilidades (CWE)
CWE-150
Referencias
http://support.blackberry.com/kb/articleDetail?articleNumber=000061411(secure@blackberry.com)
http://support.blackberry.com/kb/articleDetail?articleNumber=000061411(af854a3a-2127-422b-91ae-364da2661108)
Correlaciones IOC
Sin correlaciones registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.