Workspaces
by Blackberry
CVEs (8)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2017-9367 | Cri | 0.64 | 9.8 | 0.02 | Oct 16, 2017 | A directory traversal vulnerability in the BlackBerry Workspaces Server could potentially allow an attacker to execute or upload arbitrary files, or reveal the content of arbitrary files anywhere on the web server by crafting a URL with a manipulated POST request. | ||
| CVE-2017-9370 | Hig | 0.57 | 8.8 | 0.01 | Aug 9, 2017 | An information disclosure / elevation of privilege vulnerability in the BlackBerry Workspaces Server could potentially allow an attacker who has legitimate access to BlackBerry Workspaces to gain access to another user's workspace by making multiple login requests to the server. | ||
| CVE-2026-7791 | Hig | 0.51 | 7.8 | 0.00 | May 4, 2026 | Improper privilege management in the log rotation mechanism of the Skylight Workspace Config Service in Amazon WorkSpaces for Windows before 2.6.2034.0 allows a local non-admin authenticated user to place arbitrary files into arbitrary locations bypassing file system permission… | ||
| CVE-2025-0501 | Hig | 0.49 | 7.5 | 0.00 | Jan 15, 2025 | An issue in the native clients for Amazon WorkSpaces (when running PCoIP protocol) may allow an attacker to access remote sessions via man-in-the-middle. | ||
| CVE-2017-9368 | Hig | 0.49 | 7.5 | 0.01 | Oct 16, 2017 | An information disclosure vulnerability in the BlackBerry Workspaces Server could result in an attacker gaining access to source code for server-side applications by crafting a request for specific files. | ||
| CVE-2023-42404 | 0.00 | — | 0.00 | Apr 28, 2025 | OneVision Workspace before WS23.1 SR1 (build w31.040) allows arbitrary Java EL execution. | |||
| CVE-2024-2241 | 0.00 | — | 0.00 | Mar 7, 2024 | Improper access control in the user interface in Devolutions Workspace 2024.1.0 and earlier allows an authenticated user to perform unintended actions via specific permissions | |||
| CVE-2021-43637 | 0.00 | — | 0.00 | Dec 7, 2021 | Amazon WorkSpaces agent is affected by Buffer Overflow. IOCTL Handler 0x22001B in the Amazon WorkSpaces agent below v1.0.1.1537 allow local attackers to execute arbitrary code in kernel mode or cause a denial of service (memory corruption and OS crash) via specially crafted I/O… |
- risk 0.64cvss 9.8epss 0.02
A directory traversal vulnerability in the BlackBerry Workspaces Server could potentially allow an attacker to execute or upload arbitrary files, or reveal the content of arbitrary files anywhere on the web server by crafting a URL with a manipulated POST request.
- risk 0.57cvss 8.8epss 0.01
An information disclosure / elevation of privilege vulnerability in the BlackBerry Workspaces Server could potentially allow an attacker who has legitimate access to BlackBerry Workspaces to gain access to another user's workspace by making multiple login requests to the server.
- risk 0.51cvss 7.8epss 0.00
Improper privilege management in the log rotation mechanism of the Skylight Workspace Config Service in Amazon WorkSpaces for Windows before 2.6.2034.0 allows a local non-admin authenticated user to place arbitrary files into arbitrary locations bypassing file system permission…
- risk 0.49cvss 7.5epss 0.00
An issue in the native clients for Amazon WorkSpaces (when running PCoIP protocol) may allow an attacker to access remote sessions via man-in-the-middle.
- risk 0.49cvss 7.5epss 0.01
An information disclosure vulnerability in the BlackBerry Workspaces Server could result in an attacker gaining access to source code for server-side applications by crafting a request for specific files.
- CVE-2023-42404Apr 28, 2025risk 0.00cvss —epss 0.00
OneVision Workspace before WS23.1 SR1 (build w31.040) allows arbitrary Java EL execution.
- CVE-2024-2241Mar 7, 2024risk 0.00cvss —epss 0.00
Improper access control in the user interface in Devolutions Workspace 2024.1.0 and earlier allows an authenticated user to perform unintended actions via specific permissions
- CVE-2021-43637Dec 7, 2021risk 0.00cvss —epss 0.00
Amazon WorkSpaces agent is affected by Buffer Overflow. IOCTL Handler 0x22001B in the Amazon WorkSpaces agent below v1.0.1.1537 allow local attackers to execute arbitrary code in kernel mode or cause a denial of service (memory corruption and OS crash) via specially crafted I/O…