← Back to CVEs
CVE-2021-22153
HIGH7.3
Description
A Remote Code Execution vulnerability in the Management Console component of BlackBerry UEM version(s) 12.13.1 QF2 and earlier and 12.12.1a QF6 and earlier could allow an attacker to potentially cause the spreadsheet application to run commands on the victim’s local machine with the authority of the user.
CVE Details
CVSS v3.1 Score7.3
SeverityHIGH
CVSS VectorCVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
Attack VectorLOCAL
ComplexityLOW
Privileges RequiredLOW
User InteractionREQUIRED
Published5/13/2021
Last Modified11/21/2024
Sourcenvd
Honeypot Sightings0
Affected Products
blackberry:unified_endpoint_management
Weaknesses (CWE)
CWE-1236
References
https://support.blackberry.com/kb/articleDetail?articleNumber=000078971(secure@blackberry.com)
https://support.blackberry.com/kb/articleDetail?articleNumber=000078971(af854a3a-2127-422b-91ae-364da2661108)
IOC Correlations
No correlations recorded
This product uses data from the NVD API but is not endorsed or certified by the NVD.