CVE-2015-4112

Name of the Vulnerable Software and Affected Versions BlackBerry Enterprise Server versions prior to 12.2

Description The issue is related to a "cross frame scripting" problem, where the Management Console in BlackBerry Enterprise Server does not properly restrict the use of FRAME elements. This makes it easier for remote attackers to conduct clickjacking attacks via a crafted web site.

Recommendations For versions prior to 12.2, update to version 12.2 or later to resolve the issue. As a temporary workaround, consider restricting access to the Management Console to minimize the risk of exploitation.