Vulnerability CVE-2011-0290


Published: 2011-10-21   Modified: 2012-02-13

Description:
The BlackBerry Collaboration Service in Research In Motion (RIM) BlackBerry Enterprise Server (BES) 5.0.3 through MR4 for Microsoft Exchange and Lotus Domino allows remote authenticated users to log into arbitrary user accounts associated with the same organization, and send messages, read messages, read contact lists, or cause a denial of service (login unavailability), via unspecified vectors.

CVSS2 => (AV:N/AC:L/Au:S/C:P/I:P/A:P)

CVSS Base Score
Impact Subscore
Exploitability Subscore
6.5/10
6.4/10
8/10
Exploit range
Attack complexity
Authentication
Remote
Low
Single time
Confidentiality impact
Integrity impact
Availability impact
Partial
Partial
Partial
Affected software
RIM -> Blackberry enterprise server 

 References:
http://xforce.iss.net/xforce/xfdb/70519
http://www.securityfocus.com/bid/50064
http://www.osvdb.org/76286
http://www.blackberry.com/btsc/KB28524
http://securitytracker.com/id?1026179
http://secunia.com/advisories/46370

Copyright 2024, cxsecurity.com

 

Back to Top