CVE-2021-22155

EUVD-2021-9302
An Authentication Bypass vulnerability in the SAML Authentication component of BlackBerry Workspaces Server (deployed with Appliance-X) version(s) 10.1, 9.1 and earlier could allow an attacker to potentially gain access to the application in the context of the targeted user’s account.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
8.8 HIGH
NETWORK
LOW
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 58%
Affected Products (NVD)
VendorProductVersion
blackberryworkspaces_server
𝑥
≤ 9.1
blackberryworkspaces_server
10.1
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://support.blackberry.com/kb/articleDetail?articleNumber=000078926
https://support.blackberry.com/kb/articleDetail?articleNumber=000078926