Vulnerability Details CVE-2017-9367
A directory traversal vulnerability in the BlackBerry Workspaces Server could potentially allow an attacker to execute or upload arbitrary files, or reveal the content of arbitrary files anywhere on the web server by crafting a URL with a manipulated POST request.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.006
EPSS Ranking 68.8%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 6.8
References
Products affected by CVE-2017-9367
-
cpe:2.3:a:blackberry:workspaces_appliance-x:1.11.2
-
cpe:2.3:a:blackberry:workspaces_vapp:5.5.0
-
cpe:2.3:a:blackberry:workspaces_vapp:5.5.1
-
cpe:2.3:a:blackberry:workspaces_vapp:5.5.2
-
cpe:2.3:a:blackberry:workspaces_vapp:5.5.3
-
cpe:2.3:a:blackberry:workspaces_vapp:5.5.4
-
cpe:2.3:a:blackberry:workspaces_vapp:5.5.5
-
cpe:2.3:a:blackberry:workspaces_vapp:5.5.6
-
cpe:2.3:a:blackberry:workspaces_vapp:5.5.7
-
cpe:2.3:a:blackberry:workspaces_vapp:5.5.8
-
cpe:2.3:a:blackberry:workspaces_vapp:5.5.9
-
cpe:2.3:a:blackberry:workspaces_vapp:5.6.0
-
cpe:2.3:a:blackberry:workspaces_vapp:5.6.1
-
cpe:2.3:a:blackberry:workspaces_vapp:5.6.2
-
cpe:2.3:a:blackberry:workspaces_vapp:5.6.3
-
cpe:2.3:a:blackberry:workspaces_vapp:5.6.4
-
cpe:2.3:a:blackberry:workspaces_vapp:5.6.5
-
cpe:2.3:a:blackberry:workspaces_vapp:5.6.6