VYPR
Unrated severityNVD Advisory· Published Oct 11, 2013· Updated Jun 16, 2026

CVE-2013-3693

CVE-2013-3693

Description

The BlackBerry Universal Device Service in BlackBerry Enterprise Service (BES) 10.0 through 10.1.2 does not properly restrict access to the JBoss Remote Method Invocation (RMI) interface, which allows remote attackers to upload and execute arbitrary packages via a request to port 1098.

Affected products

4
  • cpe:2.3:a:blackberry:blackberry_enterprise_service:10.0:*:*:*:*:*:*:*+ 3 more
    • cpe:2.3:a:blackberry:blackberry_enterprise_service:10.0:*:*:*:*:*:*:*
    • cpe:2.3:a:blackberry:blackberry_enterprise_service:10.1.0:*:*:*:*:*:*:*
    • cpe:2.3:a:blackberry:blackberry_enterprise_service:10.1.2:*:*:*:*:*:*:*
    • (no CPE)range: 10.0 – 10.1.2

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.