← Retour aux CVEs
CVE-2020-6932
CRITICAL10.0
Description
An information disclosure and remote code execution vulnerability in the slinger web server of the BlackBerry QNX Software Development Platform versions 6.4.0 to 6.6.0 could allow an attacker to potentially read arbitrary files and run arbitrary executables in the context of the web server.
Details CVE
Score CVSS v3.110.0
SeveriteCRITICAL
Vecteur CVSSCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:L
Vecteur d'attaqueNETWORK
ComplexiteLOW
Privileges requisNONE
Interaction utilisateurNONE
Publie8/12/2020
Derniere modification8/22/2025
Sourcenvd
Observations honeypot0
Produits affectes
blackberry:qnx_software_development_platform
Faiblesses (CWE)
CWE-150
References
http://support.blackberry.com/kb/articleDetail?articleNumber=000061411(secure@blackberry.com)
http://support.blackberry.com/kb/articleDetail?articleNumber=000061411(af854a3a-2127-422b-91ae-364da2661108)
Correlations IOC
Aucune correlation enregistree
This product uses data from the NVD API but is not endorsed or certified by the NVD.