← Zuruck zu CVEs
CVE-2014-2388
N/ABeschreibung
The Storage and Access service in BlackBerry OS 10.x before 10.2.1.1925 on Q5, Q10, Z10, and Z30 devices does not enforce the password requirement for SMB filesystem access, which allows context-dependent attackers to read arbitrary files via (1) a session over a Wi-Fi network or (2) a session over a USB connection in Development Mode.
CVE Details
CVSS v3.1 BewertungN/A
Veroffentlicht8/18/2014
Zuletzt geandert4/12/2025
Quellenvd
Honeypot-Sichtungen0
Betroffene Produkte
blackberry:blackberry_osblackberry:q10blackberry:q5blackberry:z10blackberry:z30
Schwachen (CWE)
CWE-264
Referenzen
http://packetstormsecurity.com/files/127850(cve@mitre.org)
http://packetstormsecurity.com/files/127850/BlackBerry-Z10-Authentication-Bypass.html(cve@mitre.org)
http://secunia.com/advisories/60156(cve@mitre.org)
http://www.blackberry.com/btsc/KB36174(cve@mitre.org)
http://www.modzero.ch/advisories/MZ-13-04-Blackberry_Z10-File-Exchange-Authentication-By-Pass.txt(cve@mitre.org)
http://www.securityfocus.com/archive/1/533118/100/0/threaded(cve@mitre.org)
http://www.securityfocus.com/bid/69217(cve@mitre.org)
https://exchange.xforce.ibmcloud.com/vulnerabilities/95262(cve@mitre.org)
https://exchange.xforce.ibmcloud.com/vulnerabilities/95263(cve@mitre.org)
http://packetstormsecurity.com/files/127850(af854a3a-2127-422b-91ae-364da2661108)
http://packetstormsecurity.com/files/127850/BlackBerry-Z10-Authentication-Bypass.html(af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/60156(af854a3a-2127-422b-91ae-364da2661108)
http://www.blackberry.com/btsc/KB36174(af854a3a-2127-422b-91ae-364da2661108)
http://www.modzero.ch/advisories/MZ-13-04-Blackberry_Z10-File-Exchange-Authentication-By-Pass.txt(af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/archive/1/533118/100/0/threaded(af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/69217(af854a3a-2127-422b-91ae-364da2661108)
https://exchange.xforce.ibmcloud.com/vulnerabilities/95262(af854a3a-2127-422b-91ae-364da2661108)
https://exchange.xforce.ibmcloud.com/vulnerabilities/95263(af854a3a-2127-422b-91ae-364da2661108)
IOC Korrelationen
Keine Korrelationen erfasst
This product uses data from the NVD API but is not endorsed or certified by the NVD.