Vulnerability Details CVE-2018-8892
A cross-site request forgery (CSRF) vulnerability in the Management Console of BlackBerry UEM versions earlier than 12.9.1 could allow an attacker to make modifications to the UEM settings in the context of a Management Console administrator.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 31.1%
CVSS Severity
CVSS v3 Score 6.5
CVSS v2 Score 4.3
References
Products affected by CVE-2018-8892
-
cpe:2.3:a:blackberry:unified_endpoint_manager:12.5
-
cpe:2.3:a:blackberry:unified_endpoint_manager:12.6
-
cpe:2.3:a:blackberry:unified_endpoint_manager:12.6.1
-
cpe:2.3:a:blackberry:unified_endpoint_manager:12.7
-
cpe:2.3:a:blackberry:unified_endpoint_manager:12.7.0
-
cpe:2.3:a:blackberry:unified_endpoint_manager:12.7.1
-
cpe:2.3:a:blackberry:unified_endpoint_manager:12.8
-
cpe:2.3:a:blackberry:unified_endpoint_manager:12.8.0
-
cpe:2.3:a:blackberry:unified_endpoint_manager:12.8.1
-
cpe:2.3:a:blackberry:unified_endpoint_manager:12.9
-
cpe:2.3:a:blackberry:unified_endpoint_manager:12.9.0