PT-2016-5376 · Blackberry+1 · Blackberry Enterprise Mobility Server+1

Published: 2016-12-16 · Updated: 2016-12-22 · CVE-2016-3129

CVSS v2.0: 8.5 (High)

Vector: AV:N/AC:M/Au:S/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions: BlackBerry Good Enterprise Mobility Server versions 2.1.5.3 through 2.2.22.25
Description: A remote shell execution issue in the Apache Karaf command shell implementation allows remote attackers to obtain local administrator rights on the server via commands executed on the Karaf command shell.
Recommendations: For versions 2.1.5.3 through 2.2.22.25, consider disabling access to the Apache Karaf command shell as a temporary workaround until a patch is available. Restrict access to the Karaf command shell to minimize the risk of exploitation.

Fix

Related identifiers

CVE-2016-3129

Affected products

Apache Karaf
Blackberry Enterprise Mobility Server