CVE-2020-6933

EUVD-2020-28075
An improper input validation vulnerability in the UEM Core of BlackBerry UEM version(s) 12.13.0, 12.12.1a QF2 (and earlier), and 12.11.1 QF3 (and earlier) could allow an attacker to potentially cause a Denial of Service (DoS) of the UEM Core service.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5.5 MEDIUM
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 15%
Affected Products (NVD)
VendorProductVersion
blackberryunified_endpoint_manager
𝑥
≤ 12.11.1
blackberryunified_endpoint_manager
12.11.1:quick_fix1
blackberryunified_endpoint_manager
12.11.1:quick_fix2
blackberryunified_endpoint_manager
12.11.1:quick_fix3
blackberryunified_endpoint_manager
12.12.1a:a
blackberryunified_endpoint_manager
12.12.1a:a
blackberryunified_endpoint_manager
12.12.1a:a
blackberryunified_endpoint_manager
12.13.0
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://support.blackberry.com/kb/articleDetail?articleNumber=000068112
https://support.blackberry.com/kb/articleDetail?articleNumber=000068112