First published: Tue Sep 12 2023(Updated: )
A PII Enumeration via Credential Recovery in the Self Service (Credential Recovery) of BlackBerry AtHoc version 7.15 could allow an attacker to potentially associate a list of contact details with an AtHoc IWS organization.
Credit: secure@blackberry.com secure@blackberry.com
Affected Software | Affected Version | How to fix |
---|---|---|
BlackBerry AtHoc | =7.15 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID is CVE-2023-21520.
The title of the vulnerability is 'A PII Enumeration via Credential Recovery in the Self Service (Credential Recovery) of BlackBerry AtHoc'.
The severity of CVE-2023-21520 is medium with a CVSS score of 5.3.
CVE-2023-21520 could allow an attacker to potentially associate a list of contact details with an AtHoc IWS organization in BlackBerry AtHoc version 7.15.
For information on how to fix CVE-2023-21520, please refer to the official BlackBerry support website at https://http://support.blackberry.com/kb/articleDetail?articleNumber=000112406.