Unrated severityNVD Advisory· Published Nov 19, 2015· Updated Jun 17, 2026
CVE-2015-4112
CVE-2015-4112
Description
The Management Console in BlackBerry Enterprise Server (BES) 12 before 12.2 does not properly restrict use of FRAME elements, which makes it easier for remote attackers to conduct clickjacking attacks via a crafted web site, related to a "cross frame scripting" issue.
Affected products
3cpe:2.3:a:blackberry:enterprise_server:12.0:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:a:blackberry:enterprise_server:12.0:*:*:*:*:*:*:*
- cpe:2.3:a:blackberry:enterprise_server:12.1:*:*:*:*:*:*:*
- (no CPE)range: <12.2
Patches
Vulnerability mechanics
References
2- www.blackberry.com/btsc/KB37573nvdVendor Advisory
- www.securitytracker.com/id/1034154nvd
News mentions
0No linked articles in our index yet.