First published: Thu Apr 18 2019(Updated: )
An XML External Entity vulnerability in the UEM Core of BlackBerry UEM version(s) earlier than 12.10.1a could allow an attacker to potentially gain read access to files on any system reachable by the UEM service account.
Credit: secure@blackberry.com secure@blackberry.com
Affected Software | Affected Version | How to fix |
---|---|---|
Blackberry Unified Endpoint Management | <=12.10.1a | |
<=12.10.1a |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2019-8999 is an XML External Entity vulnerability in the UEM Core of BlackBerry UEM version(s) earlier than 12.10.1a.
The CVE-2019-8999 vulnerability allows an attacker to potentially gain read access to files on any system reachable by the UEM service account by exploiting an XML External Entity vulnerability in the UEM Core of BlackBerry UEM.
CVE-2019-8999 has a severity rating of high, with a severity value of 7.5.
BlackBerry UEM version(s) earlier than 12.10.1a are affected by CVE-2019-8999.
To fix the CVE-2019-8999 vulnerability, update BlackBerry UEM to version 12.10.1a or later.