CVE-2021-22154
First published: Thu May 13 2021(Updated: )
An Information Disclosure vulnerability in the Management Console component of BlackBerry UEM version(s) 12.13.1 QF2 and earlier and 12.12.1a QF6 and earlier could allow an attacker to potentially gain access to a victim's web history.
Credit: secure@blackberry.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Blackberry Unified Endpoint Management | <=12.12.0 | |
| Blackberry Unified Endpoint Management | =12.12.1a-quick_fix_1 | |
| Blackberry Unified Endpoint Management | =12.12.1a-quick_fix_2 | |
| Blackberry Unified Endpoint Management | =12.12.1a-quick_fix_3 | |
| Blackberry Unified Endpoint Management | =12.12.1a-quick_fix_4 | |
| Blackberry Unified Endpoint Management | =12.12.1a-quick_fix_5 | |
| Blackberry Unified Endpoint Management | =12.12.1a-quick_fix_6 | |
| Blackberry Unified Endpoint Management | =12.13.0 | |
| Blackberry Unified Endpoint Management | =12.13.0-mr1 | |
| Blackberry Unified Endpoint Management | =12.13.1-quick_fix_1 | |
| Blackberry Unified Endpoint Management | =12.13.1-quick_fix_2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is CVE-2021-22154?
CVE-2021-22154 is an Information Disclosure vulnerability in the Management Console component of BlackBerry UEM.
How severe is CVE-2021-22154?
CVE-2021-22154 has a severity score of 5.3, which is considered medium.
Which versions of BlackBerry UEM are affected by CVE-2021-22154?
CVE-2021-22154 affects BlackBerry UEM versions 12.13.1 QF2 and earlier, and 12.12.1a QF6 and earlier.
What can an attacker potentially gain access to through CVE-2021-22154?
Through CVE-2021-22154, an attacker can potentially gain access to a victim's web history.
How can I fix CVE-2021-22154?
To fix CVE-2021-22154, it is recommended to update to BlackBerry UEM version 12.13.1 QF3 or 12.12.1a QF7, or later versions.
- collector/nvd-index
- agent/references
- agent/type
- agent/severity
- agent/author
- agent/description
- agent/tags
- agent/event
- agent/softwarecombine
- agent/first-publish-date
- agent/last-modified-date
- collector/mitre-cve
- source/MITRE
- vendor/blackberry
- canonical/blackberry unified endpoint management
- version/blackberry unified endpoint management/12.12.0
- version/blackberry unified endpoint management/12.12.1a-quick_fix_1
- version/blackberry unified endpoint management/12.12.1a-quick_fix_2
- version/blackberry unified endpoint management/12.12.1a-quick_fix_3
- version/blackberry unified endpoint management/12.12.1a-quick_fix_4
- version/blackberry unified endpoint management/12.12.1a-quick_fix_5
- version/blackberry unified endpoint management/12.12.1a-quick_fix_6
- version/blackberry unified endpoint management/12.13.0
- version/blackberry unified endpoint management/12.13.0-mr1
- version/blackberry unified endpoint management/12.13.1-quick_fix_1
- version/blackberry unified endpoint management/12.13.1-quick_fix_2