First published: Fri Oct 11 2013(Updated: )
The BlackBerry Universal Device Service in BlackBerry Enterprise Service (BES) 10.0 through 10.1.2 does not properly restrict access to the JBoss Remote Method Invocation (RMI) interface, which allows remote attackers to upload and execute arbitrary packages via a request to port 1098.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Blackberry Blackberry Enterprise Service | =10.0 | |
Blackberry Blackberry Enterprise Service | =10.1.0 | |
Blackberry Blackberry Enterprise Service | =10.1.2 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.