CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2017-17442

In BlackBerry UEM Management Console version 12.7.1 and earlier, a reflected cross-site scripting vulnerability that could allow an attacker to execute script commands in the context of the affected UEM Management Console account by crafting a malicious link and then persuading a user with legitimate access to the Management Console to click on the malicious link.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 48.2%

CVSS Severity

CVSS v3 Score 6.1

CVSS v2 Score 4.3

References

Products affected by CVE-2017-17442

Blackberry » Unified Endpoint Manager » Version: 12.5

cpe:2.3:a:blackberry:unified_endpoint_manager:12.5
Blackberry » Unified Endpoint Manager » Version: 12.6

cpe:2.3:a:blackberry:unified_endpoint_manager:12.6
Blackberry » Unified Endpoint Manager » Version: 12.6.1

cpe:2.3:a:blackberry:unified_endpoint_manager:12.6.1
Blackberry » Unified Endpoint Manager » Version: 12.7

cpe:2.3:a:blackberry:unified_endpoint_manager:12.7
Blackberry » Unified Endpoint Manager » Version: 12.7.0

cpe:2.3:a:blackberry:unified_endpoint_manager:12.7.0
Blackberry » Unified Endpoint Manager » Version: 12.7.1

cpe:2.3:a:blackberry:unified_endpoint_manager:12.7.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2017-17442

Products

Pricing

Contact Us