VYPR

BES12 Self-Service

by Blackberry

CVEs (2)

  • CVE-2016-1914HigApr 13, 2017
    risk 0.61cvss 8.8epss 0.04

    Multiple SQL injection vulnerabilities in the com.rim.mdm.ui.server.ImageServlet servlet in BlackBerry Enterprise Server 12 (BES12) Self-Service before 12.4 allow remote attackers to execute arbitrary SQL commands via the imageName parameter to (1) mydevice/client/image, (2)…

  • CVE-2016-1915MedApr 13, 2017
    risk 0.43cvss 6.1epss 0.04

    Multiple cross-site scripting (XSS) vulnerabilities in BlackBerry Enterprise Server 12 (BES12) Self-Service before 12.4 allow remote attackers to inject arbitrary web script or HTML via the locale parameter to (1) mydevice/index.jsp or (2) mydevice/loggedOut.jsp.