NVD - Results

Sort results by:

Search Results (Refine Search)

Search Parameters:

Results Type: Overview
Keyword (text search): cpe:2.3:a:blackberry:blackberry_enterprise_service:12.3.1:*:*:*:*:*:*:*
CPE Name Search: true

There are 2 matching records.

Displaying matches 1 through 2.

Vuln ID	Summary	CVSS Severity
CVE-2016-1915	Multiple cross-site scripting (XSS) vulnerabilities in BlackBerry Enterprise Server 12 (BES12) Self-Service before 12.4 allow remote attackers to inject arbitrary web script or HTML via the locale parameter to (1) mydevice/index.jsp or (2) mydevice/loggedOut.jsp. Published: April 13, 2017; 10:59:01 AM -0400	V4.0:(not available) V3.0: 6.1 MEDIUM V2.0: 4.3 MEDIUM
CVE-2016-1914	Multiple SQL injection vulnerabilities in the com.rim.mdm.ui.server.ImageServlet servlet in BlackBerry Enterprise Server 12 (BES12) Self-Service before 12.4 allow remote attackers to execute arbitrary SQL commands via the imageName parameter to (1) mydevice/client/image, (2) admin/client/image, (3) myapps/client/image, (4) ssam/client/image, or (5) all/client/image. Published: April 13, 2017; 10:59:01 AM -0400	V4.0:(not available) V3.0: 8.8 HIGH V2.0: 6.8 MEDIUM