Vulnerability Details CVE-2019-8999
An XML External Entity vulnerability in the UEM Core of BlackBerry UEM version(s) earlier than 12.10.1a could allow an attacker to potentially gain read access to files on any system reachable by the UEM service account.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 62.4%
CVSS Severity
CVSS v3 Score 7.5
CVSS v2 Score 5.0
References
Products affected by CVE-2019-8999
-
cpe:2.3:a:blackberry:unified_endpoint_management:12.10
-
cpe:2.3:a:blackberry:unified_endpoint_management:12.10.1a
-
cpe:2.3:a:blackberry:unified_endpoint_management:12.7
-
cpe:2.3:a:blackberry:unified_endpoint_management:12.8
-
cpe:2.3:a:blackberry:unified_endpoint_management:12.9