The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

Computer vulnerabilities of BlackBerry Enterprise Server

computer vulnerability note CVE-2017-3894

BlackBerry BES/UEM: Cross Site Scripting

Synthesis of the vulnerability

An attacker can trigger a Cross Site Scripting of BlackBerry BES/UEM, in order to run JavaScript code in the context of the web site.
Impacted products: BES, BlackBerry UEM.
Severity: 2/4.
Consequences: client access/rights.
Provenance: document.
Creation date: 10/05/2017.
Identifiers: BSRT-2017-004, CVE-2017-3894, VIGILANCE-VUL-22699.

Description of the vulnerability

The BlackBerry BES/UEM product offers a web service.

However, it does not filter received data before inserting them in generated HTML documents.

An attacker can therefore trigger a Cross Site Scripting of BlackBerry BES/UEM, in order to run JavaScript code in the context of the web site.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability note CVE-2016-3128 CVE-2016-3130

BlackBerry Enterprise Service: two vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of BlackBerry Enterprise Service.
Impacted products: BES.
Severity: 2/4.
Consequences: privileged access/rights, user access/rights, data reading.
Provenance: LAN.
Number of vulnerabilities in this bulletin: 2.
Creation date: 11/01/2017.
Identifiers: BSRT-2017-001, BSRT-2017-002, CVE-2016-3128, CVE-2016-3130, VIGILANCE-VUL-21549.

Description of the vulnerability

Several vulnerabilities were announced in BlackBerry Enterprise Service.

An attacker can bypass security features via Illegitimate Device, in order to escalate his privileges. [severity:2/4; BSRT-2017-001, CVE-2016-3128]

An attacker can bypass security features via Sniffing, in order to obtain sensitive information. [severity:2/4; BSRT-2017-002, CVE-2016-3130]
Full Vigil@nce bulletin... (Free trial)

computer vulnerability bulletin CVE-2016-1916 CVE-2016-1917 CVE-2016-1918

BlackBerry Enterprise Service: four vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of BlackBerry Enterprise Service.
Impacted products: BES.
Severity: 2/4.
Consequences: client access/rights.
Provenance: document.
Number of vulnerabilities in this bulletin: 4.
Creation date: 13/04/2016.
Identifiers: BSRT-2016-003, BSRT-2016-004, BSRT-2016-005, CVE-2016-1916, CVE-2016-1917, CVE-2016-1918, CVE-2016-3126, VIGILANCE-VUL-19368.

Description of the vulnerability

Several vulnerabilities were announced in BlackBerry Enterprise Service.

An attacker can trigger a Cross Site Scripting, in order to run JavaScript code in the context of the web site. [severity:2/4; BSRT-2016-003, CVE-2016-1916]

An attacker can trigger a Cross Site Scripting, in order to run JavaScript code in the context of the web site. [severity:2/4; BSRT-2016-004, CVE-2016-1917]

An attacker can trigger a Cross Site Scripting, in order to run JavaScript code in the context of the web site. [severity:2/4; BSRT-2016-004, CVE-2016-1918]

An attacker can trigger a Cross Site Scripting, in order to run JavaScript code in the context of the web site. [severity:2/4; BSRT-2016-005, CVE-2016-3126]
Full Vigil@nce bulletin... (Free trial)

vulnerability CVE-2016-1914 CVE-2016-1915

BlackBerry Enterprise Service: two vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of BlackBerry Enterprise Service.
Impacted products: BES.
Severity: 2/4.
Consequences: client access/rights, data reading, data creation/edition, data deletion.
Provenance: document.
Number of vulnerabilities in this bulletin: 2.
Creation date: 22/02/2016.
Identifiers: 000038033, BSRT-2016-001, CVE-2016-1914, CVE-2016-1915, VIGILANCE-VUL-19000.

Description of the vulnerability

Several vulnerabilities were announced in BlackBerry Enterprise Service.

An attacker can use a SQL injection, in order to read or alter data. [severity:2/4; CVE-2016-1914]

An attacker can trigger a Cross Site Scripting, in order to run JavaScript code in the context of the web site. [severity:2/4; CVE-2016-1915]
Full Vigil@nce bulletin... (Free trial)

vulnerability bulletin CVE-2016-1914 CVE-2016-1915

BlackBerry Enterprise Service: two vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of BlackBerry Enterprise Service.
Impacted products: BES.
Severity: 2/4.
Consequences: privileged access/rights, data reading, data creation/edition, data deletion.
Provenance: internet client.
Number of vulnerabilities in this bulletin: 2.
Creation date: 15/02/2016.
Revision date: 18/02/2016.
Identifiers: BSRT-2016-001, CVE-2016-1914, CVE-2016-1915, VIGILANCE-VUL-18943.

Description of the vulnerability

Several vulnerabilities were announced in BlackBerry Enterprise Service.

An attacker can use a SQL injection in the HTTP request parameter "imageName", in order to read or alter data. [severity:2/4; CVE-2016-1914]

An attacker can trigger a Cross Site Scripting in the HTTP request parameter "locale", in order to run JavaScript code in the context of the web site. [severity:2/4; CVE-2016-1915]
Full Vigil@nce bulletin... (Free trial)

computer vulnerability alert CVE-2015-4112

BlackBerry Enterprise Service: Cross Frame Scripting of Management Console

Synthesis of the vulnerability

An attacker can trigger a Cross Frame Scripting in Management Console of BlackBerry Enterprise Service, in order to run JavaScript code in the context of the web site.
Impacted products: BES.
Severity: 2/4.
Consequences: client access/rights.
Provenance: document.
Creation date: 12/11/2015.
Identifiers: BSRT-2015-002, CVE-2015-4112, VIGILANCE-VUL-18296.

Description of the vulnerability

The BlackBerry Enterprise Service product offers a web service.

However, it does not filter received data before inserting them in generated HTML documents.

An attacker can therefore trigger a Cross Frame Scripting in Management Console of BlackBerry Enterprise Service, in order to run JavaScript code in the context of the web site.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability CVE-2014-3566

SSL 3.0: decrypting session, POODLE

Synthesis of the vulnerability

An attacker, located as a Man-in-the-Middle, can decrypt a SSL 3.0 session, in order to obtain sensitive information.
Impacted products: SES, SNS, Apache httpd, Arkoon FAST360, ArubaOS, Asterisk Open Source, BES, ProxyAV, ProxySG par Blue Coat, SGOS by Blue Coat, GAiA, CheckPoint IP Appliance, IPSO, SecurePlatform, CheckPoint Security Appliance, CheckPoint Security Gateway, Cisco ASR, Cisco ACE, ASA, AsyncOS, Cisco CSS, Cisco ESA, IOS by Cisco, IOS XE Cisco, IOS XR Cisco, IronPort Email, Nexus by Cisco, NX-OS, Prime Infrastructure, Cisco PRSM, Cisco Router, WebNS, Clearswift Email Gateway, Clearswift Web Gateway, CUPS, Debian, Black Diamond, ExtremeXOS, Summit, BIG-IP Hardware, TMOS, Fedora, FortiGate, FortiGate Virtual Appliance, FortiManager, FortiManager Virtual Appliance, FortiOS, FreeBSD, F-Secure AV, hMailServer, HPE BSM, HP Data Protector, HPE NNMi, HP Operations, ProCurve Switch, SiteScope, HP Switch, TippingPoint IPS, HP-UX, AIX, Domino, Notes, Security Directory Server, SPSS Data Collection, Tivoli System Automation, Tivoli Workload Scheduler, WebSphere AS Traditional, WebSphere MQ, IVE OS, Juniper J-Series, Junos OS, Junos Space, Junos Space Network Management Platform, MAG Series by Juniper, NSM Central Manager, NSMXpress, Juniper SA, McAfee Email and Web Security, McAfee Email Gateway, ePO, VirusScan, McAfee Web Gateway, IE, Windows 2003, Windows 2008 R0, Windows 2008 R2, Windows 2012, Windows 7, Windows 8, Windows (platform) ~ not comprehensive, Windows RT, Windows Vista, NETASQ, NetBSD, NetScreen Firewall, ScreenOS, nginx, Nodejs Core, OpenSSL, openSUSE, openSUSE Leap, Oracle DB, Oracle Fusion Middleware, Oracle Identity Management, Oracle OIT, Solaris, Tuxedo, WebLogic, Palo Alto Firewall PA***, PAN-OS, Polycom CMA, HDX, RealPresence Collaboration Server, RealPresence Distributed Media Application, Polycom VBP, Postfix, SSL protocol, Puppet, RHEL, JBoss EAP by Red Hat, RSA Authentication Manager, ROS, ROX, RuggedSwitch, Slackware, Splunk Enterprise, stunnel, SUSE Linux Enterprise Desktop, SLES, Synology DSM, Ubuntu, Unix (platform) ~ not comprehensive, ESXi, vCenter Server, VMware vSphere, VMware vSphere Hypervisor, WinSCP.
Severity: 3/4.
Consequences: data reading, data creation/edition.
Provenance: internet client.
Creation date: 15/10/2014.
Identifiers: 10923, 1589583, 1595265, 1653364, 1657963, 1663874, 1687167, 1687173, 1687433, 1687604, 1687611, 1690160, 1690185, 1690342, 1691140, 1692551, 1695392, 1696383, 1699051, 1700706, 2977292, 3009008, 7036319, aid-10142014, AST-2014-011, bulletinapr2015, bulletinjan2015, bulletinjan2016, bulletinjul2015, bulletinjul2016, bulletinoct2015, c04486577, c04487990, c04492722, c04497114, c04506802, c04510230, c04567918, c04616259, c04626982, c04676133, c04776510, CERTFR-2014-ALE-007, CERTFR-2014-AVI-454, CERTFR-2014-AVI-509, CERTFR-2015-AVI-169, CERTFR-2016-AVI-303, cisco-sa-20141015-poodle, cpujul2017, CTX216642, CVE-2014-3566, DSA-3053-1, DSA-3253-1, DSA-3489-1, ESA-2014-178, ESA-2015-098, ESXi500-201502001, ESXi500-201502101-SG, ESXi510-201503001, ESXi510-201503001-SG, ESXi510-201503101-SG, ESXi550-201501001, ESXi550-201501101-SG, FEDORA-2014-12989, FEDORA-2014-12991, FEDORA-2014-13012, FEDORA-2014-13017, FEDORA-2014-13040, FEDORA-2014-13069, FEDORA-2014-13070, FEDORA-2014-13444, FEDORA-2014-13451, FEDORA-2014-13764, FEDORA-2014-13777, FEDORA-2014-13781, FEDORA-2014-13794, FEDORA-2014-14234, FEDORA-2014-14237, FEDORA-2014-15379, FEDORA-2014-15390, FEDORA-2014-15411, FEDORA-2014-17576, FEDORA-2014-17587, FEDORA-2015-9090, FEDORA-2015-9110, FreeBSD-SA-14:23.openssl, FSC-2014-8, HPSBGN03256, HPSBGN03305, HPSBGN03332, HPSBHF03156, HPSBHF03300, HPSBMU03152, HPSBMU03184, HPSBMU03213, HPSBMU03416, HPSBUX03162, HPSBUX03194, JSA10656, MDVSA-2014:203, MDVSA-2014:218, MDVSA-2015:062, NetBSD-SA2014-015, nettcp_advisory, openSUSE-SU-2014:1331-1, openSUSE-SU-2014:1384-1, openSUSE-SU-2014:1395-1, openSUSE-SU-2014:1426-1, openSUSE-SU-2016:0640-1, openSUSE-SU-2016:1586-1, openSUSE-SU-2017:0980-1, PAN-SA-2014-0005, POODLE, RHSA-2014:1652-01, RHSA-2014:1653-01, RHSA-2014:1692-01, RHSA-2014:1920-01, RHSA-2014:1948-01, RHSA-2015:0010-01, RHSA-2015:0011-01, RHSA-2015:0012-01, RHSA-2015:1545-01, RHSA-2015:1546-01, SA83, SB10090, SB10104, sk102989, SOL15702, SP-CAAANKE, SP-CAAANST, SPL-91947, SPL-91948, SSA:2014-288-01, SSA-396873, SSA-472334, SSRT101767, STORM-2014-02-FR, SUSE-SU-2014:1357-1, SUSE-SU-2014:1361-1, SUSE-SU-2014:1386-1, SUSE-SU-2014:1387-1, SUSE-SU-2014:1387-2, SUSE-SU-2014:1409-1, SUSE-SU-2015:0010-1, SUSE-SU-2016:1457-1, SUSE-SU-2016:1459-1, T1021439, TSB16540, USN-2839-1, VIGILANCE-VUL-15485, VMSA-2015-0001, VMSA-2015-0001.1, VMSA-2015-0001.2, VN-2014-003, VU#577193.

Description of the vulnerability

An SSL/TLS session can be established using several protocols:
 - SSL 2.0 (obsolete)
 - SSL 3.0
 - TLS 1.0
 - TLS 1.1
 - TLS 1.2

An attacker can downgrade the version to SSLv3. However, with SSL 3.0, an attacker can change the padding position with a CBC encryption, in order to progressively guess clear text fragments.

This vulnerability is named POODLE (Padding Oracle On Downgraded Legacy Encryption).

An attacker, located as a Man-in-the-Middle, can therefore decrypt a SSL 3.0 session, in order to obtain sensitive information.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability alert CVE-2014-1469

BlackBerry Enterprise Service: information disclosure via activity log files

Synthesis of the vulnerability

An attacker can trigger an error with Enterprise Instant Messenger of BlackBerry Enterprise Service, in order to obtain sensitive information.
Impacted products: BES.
Severity: 2/4.
Consequences: data reading.
Provenance: user shell.
Creation date: 14/08/2014.
Identifiers: BSRT-2014-007, CVE-2014-1469, VIGILANCE-VUL-15186.

Description of the vulnerability

The BlackBerry Enterprise Service product offers an Instant Messaging function.

Access to this service requires creation of a communication session and user authentication. However, in some cases, when an error occurs at the beginning or the end of session, the server records in its activity logs the secrets used for communication encryption or user authentication.

An attacker who can read the activity log files can therefore get sensitive information.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability alert CVE-2014-0195

OpenSSL: buffer overflow of DTLS

Synthesis of the vulnerability

An attacker can generate a buffer overflow via DTLS of OpenSSL, in order to trigger a denial of service, and possibly to execute code.
Impacted products: ArubaOS, BES, ProxyAV, ProxySG par Blue Coat, SGOS by Blue Coat, Cisco ASR, Cisco ATA, Cisco ACE, ASA, AsyncOS, Cisco Catalyst, CiscoWorks, Cisco Content SMA, Cisco CSS, Cisco ESA, IOS by Cisco, IOS XE Cisco, IOS XR Cisco, Cisco IPS, IronPort Email, IronPort Management, IronPort Web, Nexus by Cisco, NX-OS, Prime Collaboration Assurance, Prime Collaboration Manager, Prime Infrastructure, Cisco PRSM, Cisco Router, Secure ACS, Cisco CUCM, Cisco Manager Attendant Console, Cisco Unified CCX, Cisco IP Phone, Cisco MeetingPlace, Cisco Wireless IP Phone, Cisco Unity ~ precise, WebNS, Cisco WSA, Debian, Avamar, EMC CAVA, EMC CEE, EMC CEPA, Celerra FAST, Celerra NS, Celerra NX4, EMC CMDCE, Connectrix Switch, ECC, NetWorker, PowerPath, Unisphere EMC, VNX Operating Environment, VNX Series, BIG-IP Hardware, TMOS, Fedora, FortiAnalyzer, FortiAnalyzer Virtual Appliance, FortiClient, FortiManager, FortiManager Virtual Appliance, FreeBSD, HP Operations, HP-UX, AIX, Juniper J-Series, Junos OS, Junos Pulse, Juniper Network Connect, Juniper UAC, McAfee Web Gateway, NetBSD, OpenBSD, OpenSSL, openSUSE, openSUSE Leap, Solaris, Polycom CMA, HDX, RealPresence Collaboration Server, Polycom VBP, RHEL, ACE Agent, ACE Server, RSA Authentication Agent, RSA Authentication Manager, SecurID, Slackware, stunnel, Ubuntu.
Severity: 3/4.
Consequences: privileged access/rights, user access/rights, denial of service on service, denial of service on client.
Provenance: internet client.
Creation date: 05/06/2014.
Identifiers: aid-06062014, c04336637, c04363613, c04368523, CERTFR-2014-AVI-253, CERTFR-2014-AVI-254, CERTFR-2014-AVI-255, CERTFR-2014-AVI-260, CERTFR-2014-AVI-279, CERTFR-2014-AVI-286, CERTFR-2014-AVI-291, cisco-sa-20140605-openssl, CTX140876, CVE-2014-0195, DOC-53313, DSA-2950-1, DSA-2950-2, FEDORA-2014-17576, FEDORA-2014-17587, FEDORA-2014-7101, FEDORA-2014-7102, FG-IR-14-018, FreeBSD-SA-14:14.openssl, HPSBMU03069, HPSBUX03046, JSA10629, KB36051, MDVSA-2014:106, MDVSA-2015:062, NetBSD-SA2014-006, openSUSE-SU-2014:0764-1, openSUSE-SU-2014:0765-1, openSUSE-SU-2016:0640-1, RHSA-2014:0625-01, RHSA-2014:0628-01, RHSA-2014:0679-01, SA40006, SA80, SB10075, SOL15356, SSA:2014-156-03, SSRT101590, USN-2232-1, USN-2232-2, USN-2232-3, USN-2232-4, VIGILANCE-VUL-14846, ZDI-14-173.

Description of the vulnerability

The DTLS (Datagram Transport Layer Security) protocol, based on TLS, provides a cryptographic layer over the UDP protocol.

However, if the size of data of a DTLS fragment is greater than the size of the storage array, an overflow occurs.

An attacker can therefore generate a buffer overflow via DTLS of OpenSSL, in order to trigger a denial of service, and possibly to execute code.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability CVE-2014-0221

OpenSSL: denial of service via DTLS Recursion

Synthesis of the vulnerability

An attacker, who is located on a DTLS server, can use a malicious handshake, in order to trigger a denial of service in OpenSSL client applications.
Impacted products: ArubaOS, BES, ProxyAV, ProxySG par Blue Coat, SGOS by Blue Coat, Cisco ASR, Cisco ATA, Cisco ACE, ASA, AsyncOS, Cisco Catalyst, CiscoWorks, Cisco Content SMA, Cisco CSS, Cisco ESA, IOS by Cisco, IOS XE Cisco, IOS XR Cisco, Cisco IPS, IronPort Email, IronPort Management, IronPort Web, Nexus by Cisco, NX-OS, Prime Collaboration Assurance, Prime Collaboration Manager, Prime Infrastructure, Cisco PRSM, Cisco Router, Secure ACS, Cisco CUCM, Cisco Manager Attendant Console, Cisco Unified CCX, Cisco IP Phone, Cisco MeetingPlace, Cisco Wireless IP Phone, Cisco Unity ~ precise, WebNS, Cisco WSA, Debian, Avamar, EMC CAVA, EMC CEE, EMC CEPA, Celerra FAST, Celerra NS, Celerra NX4, EMC CMDCE, Connectrix Switch, ECC, NetWorker, PowerPath, Unisphere EMC, VNX Operating Environment, VNX Series, BIG-IP Hardware, TMOS, Fedora, FortiAnalyzer, FortiAnalyzer Virtual Appliance, FortiClient, FortiManager, FortiManager Virtual Appliance, FreeBSD, HP Operations, HP-UX, AIX, Juniper J-Series, Junos OS, Junos Pulse, Juniper Network Connect, Juniper UAC, McAfee Web Gateway, NetBSD, OpenBSD, OpenSSL, openSUSE, openSUSE Leap, Solaris, Polycom CMA, HDX, RealPresence Collaboration Server, Polycom VBP, RHEL, JBoss EAP by Red Hat, ACE Agent, ACE Server, RSA Authentication Agent, RSA Authentication Manager, SecurID, Slackware, stunnel, SUSE Linux Enterprise Desktop, SLES, Ubuntu.
Severity: 2/4.
Consequences: denial of service on client.
Provenance: internet server.
Creation date: 05/06/2014.
Identifiers: aid-06062014, c04336637, c04363613, c04368523, CERTFR-2014-AVI-253, CERTFR-2014-AVI-254, CERTFR-2014-AVI-255, CERTFR-2014-AVI-260, CERTFR-2014-AVI-279, CERTFR-2014-AVI-286, cisco-sa-20140605-openssl, CTX140876, CVE-2014-0221, DOC-53313, DSA-2950-1, DSA-2950-2, FEDORA-2014-17576, FEDORA-2014-17587, FEDORA-2014-7101, FEDORA-2014-7102, FG-IR-14-018, FreeBSD-SA-14:14.openssl, HPSBMU03069, HPSBUX03046, JSA10629, KB36051, MDVSA-2014:105, MDVSA-2014:106, MDVSA-2015:062, NetBSD-SA2014-006, openSUSE-SU-2014:0764-1, openSUSE-SU-2014:0765-1, openSUSE-SU-2016:0640-1, RHSA-2014:0625-01, RHSA-2014:0628-01, RHSA-2014:0679-01, RHSA-2014:1019-01, RHSA-2014:1020-01, RHSA-2014:1021-01, RHSA-2014:1053-01, SA40006, SA80, SB10075, SOL15343, SSA:2014-156-03, SSRT101590, SUSE-SU-2014:0759-1, SUSE-SU-2014:0759-2, SUSE-SU-2014:0761-1, SUSE-SU-2014:0762-1, USN-2232-1, USN-2232-2, USN-2232-3, USN-2232-4, VIGILANCE-VUL-14845.

Description of the vulnerability

The OpenSSL product implements DTLS, which uses a handshake.

However, a special handshake triggers an infinite recursion in the OpenSSL client.

An attacker, who is located on a DTLS server, can therefore use a malicious handshake, in order to trigger a denial of service in OpenSSL client applications.
Full Vigil@nce bulletin... (Free trial)
Our database contains other pages. You can request a free trial to read them.