CVE-2020-6933

An improper input validation vulnerability in the UEM Core of BlackBerry UEM version(s) 12.13.0, 12.12.1a QF2 (and earlier), and 12.11.1 QF3 (and earlier) could allow an attacker to potentially cause a Denial of Service (DoS) of the UEM Core service.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
5.5 MEDIUM
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
blackberryCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 15%
VendorProductVersion
blackberryunified_endpoint_manager
𝑥
≤ 12.11.1
blackberryunified_endpoint_manager
12.11.1:quick_fix1
blackberryunified_endpoint_manager
12.11.1:quick_fix2
blackberryunified_endpoint_manager
12.11.1:quick_fix3
blackberryunified_endpoint_manager
12.12.1a:a
blackberryunified_endpoint_manager
12.12.1a:a
blackberryunified_endpoint_manager
12.12.1a:a
blackberryunified_endpoint_manager
12.13.0
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://support.blackberry.com/kb/articleDetail?articleNumber=000068112
https://support.blackberry.com/kb/articleDetail?articleNumber=000068112