CVE-2021-22155

An Authentication Bypass vulnerability in the SAML Authentication component of BlackBerry Workspaces Server (deployed with Appliance-X) version(s) 10.1, 9.1 and earlier could allow an attacker to potentially gain access to the application in the context of the targeted users account.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
8.8 HIGH
NETWORK
LOW
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
blackberryCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 58%
VendorProductVersion
blackberryworkspaces_server
𝑥
≤ 9.1
blackberryworkspaces_server
10.1
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://support.blackberry.com/kb/articleDetail?articleNumber=000078926
https://support.blackberry.com/kb/articleDetail?articleNumber=000078926