First published: Thu Dec 20 2018(Updated: )
A cross-site request forgery (CSRF) vulnerability in the Management Console of BlackBerry UEM versions earlier than 12.9.1 could allow an attacker to make modifications to the UEM settings in the context of a Management Console administrator.
Credit: secure@blackberry.com
Affected Software | Affected Version | How to fix |
---|---|---|
BlackBerry Unified Endpoint Manager | <12.9.1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2018-8892 is a cross-site request forgery (CSRF) vulnerability in the Management Console of BlackBerry UEM versions earlier than 12.9.1.
CVE-2018-8892 allows an attacker to make modifications to the UEM settings in the context of a Management Console administrator.
CVE-2018-8892 has a severity rating of 6.5 out of 10, which is considered medium.
To fix CVE-2018-8892, update BlackBerry UEM to version 12.9.1 or later.
You can find more information about CVE-2018-8892 on the BlackBerry support website at http://support.blackberry.com/kb/articleDetail?articleNumber=000054162.