← Volver a CVEs
CVE-2021-22153
HIGH7.3
Descripcion
A Remote Code Execution vulnerability in the Management Console component of BlackBerry UEM version(s) 12.13.1 QF2 and earlier and 12.12.1a QF6 and earlier could allow an attacker to potentially cause the spreadsheet application to run commands on the victim’s local machine with the authority of the user.
Detalles CVE
Puntuacion CVSS v3.17.3
SeveridadHIGH
Vector CVSSCVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
Vector de ataqueLOCAL
ComplejidadLOW
Privilegios requeridosLOW
Interaccion usuarioREQUIRED
Publicado5/13/2021
Ultima modificacion11/21/2024
Fuentenvd
Avistamientos honeypot0
Productos afectados
blackberry:unified_endpoint_management
Debilidades (CWE)
CWE-1236
Referencias
https://support.blackberry.com/kb/articleDetail?articleNumber=000078971(secure@blackberry.com)
https://support.blackberry.com/kb/articleDetail?articleNumber=000078971(af854a3a-2127-422b-91ae-364da2661108)
Correlaciones IOC
Sin correlaciones registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.