CVE Vulnerabilities

CVE-2015-4112

Published: Nov 19, 2015 | Modified: Dec 07, 2016
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
4.3 MEDIUM
AV:N/AC:M/Au:N/C:N/I:P/A:N
RedHat/V2
RedHat/V3
Ubuntu

The Management Console in BlackBerry Enterprise Server (BES) 12 before 12.2 does not properly restrict use of FRAME elements, which makes it easier for remote attackers to conduct clickjacking attacks via a crafted web site, related to a cross frame scripting issue.

Affected Software

Name Vendor Start Version End Version
Enterprise_server Blackberry 12.0 (including) 12.0 (including)
Enterprise_server Blackberry 12.1 (including) 12.1 (including)

References