CVE-2018-8892: CSRF
First published: Thu Dec 20 2018(Updated: )
A cross-site request forgery (CSRF) vulnerability in the Management Console of BlackBerry UEM versions earlier than 12.9.1 could allow an attacker to make modifications to the UEM settings in the context of a Management Console administrator.
Credit: secure@blackberry.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| BlackBerry Unified Endpoint Manager | <12.9.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is CVE-2018-8892?
CVE-2018-8892 is a cross-site request forgery (CSRF) vulnerability in the Management Console of BlackBerry UEM versions earlier than 12.9.1.
How does CVE-2018-8892 affect BlackBerry UEM?
CVE-2018-8892 allows an attacker to make modifications to the UEM settings in the context of a Management Console administrator.
What is the severity of CVE-2018-8892?
CVE-2018-8892 has a severity rating of 6.5 out of 10, which is considered medium.
How can I fix CVE-2018-8892?
To fix CVE-2018-8892, update BlackBerry UEM to version 12.9.1 or later.
Where can I find more information about CVE-2018-8892?
You can find more information about CVE-2018-8892 on the BlackBerry support website at http://support.blackberry.com/kb/articleDetail?articleNumber=000054162.
- collector/nvd-index
- agent/weakness
- agent/type
- agent/severity
- agent/references
- agent/author
- agent/event
- agent/description
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/blackberry
- canonical/blackberry unified endpoint manager