CVE-2016-3128
Severity Score
8.2
*CVSS v3
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
A spoofing vulnerability in the Core of BlackBerry Enterprise Server (BES) 12 through 12.5.2 allows remote attackers to enroll an illegitimate device to the BES, gain access to device parameters for the BES, or send false information to the BES by gaining access to specific information about a device that was legitimately enrolled on the BES.
Una vulnerabilidad de suplantación en el Core de BlackBerry Enterprise Server (BES) 12 hasta la versión 12.5.2 permite a atacantes remotos registrar un dispositivo ilegítimo al BES, acceder a los parámetros del dispositivo para el BES o enviar información falsa al BES accediendo a Información específica sobre un dispositivo que se inscribió legítimamente en el BES.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2016-03-11 CVE Reserved
- 2017-01-13 CVE Published
- 2023-03-07 EPSS Updated
- 2024-08-05 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-254: 7PK - Security Features
CAPEC
References (3)
| URL | Tag | Source |
|---|---|---|
| http://www.securityfocus.com/bid/95624 | Vdb Entry | |
| http://www.securitytracker.com/id/1037585 | Vdb Entry |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://support.blackberry.com/kb/articleDetail?articleNumber=000038913 | 2017-01-20 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Blackberry Search vendor "Blackberry" | Enterprise Service Search vendor "Blackberry" for product "Enterprise Service" | 12.0.0 Search vendor "Blackberry" for product "Enterprise Service" and version "12.0.0" | - |
Affected
| ||||||
| Blackberry Search vendor "Blackberry" | Enterprise Service Search vendor "Blackberry" for product "Enterprise Service" | 12.0.1 Search vendor "Blackberry" for product "Enterprise Service" and version "12.0.1" | - |
Affected
| ||||||
| Blackberry Search vendor "Blackberry" | Enterprise Service Search vendor "Blackberry" for product "Enterprise Service" | 12.1.0 Search vendor "Blackberry" for product "Enterprise Service" and version "12.1.0" | - |
Affected
| ||||||
| Blackberry Search vendor "Blackberry" | Enterprise Service Search vendor "Blackberry" for product "Enterprise Service" | 12.2.0 Search vendor "Blackberry" for product "Enterprise Service" and version "12.2.0" | - |
Affected
| ||||||
| Blackberry Search vendor "Blackberry" | Enterprise Service Search vendor "Blackberry" for product "Enterprise Service" | 12.2.1 Search vendor "Blackberry" for product "Enterprise Service" and version "12.2.1" | - |
Affected
| ||||||
| Blackberry Search vendor "Blackberry" | Enterprise Service Search vendor "Blackberry" for product "Enterprise Service" | 12.3.0 Search vendor "Blackberry" for product "Enterprise Service" and version "12.3.0" | - |
Affected
| ||||||
| Blackberry Search vendor "Blackberry" | Enterprise Service Search vendor "Blackberry" for product "Enterprise Service" | 12.3.1 Search vendor "Blackberry" for product "Enterprise Service" and version "12.3.1" | - |
Affected
| ||||||
| Blackberry Search vendor "Blackberry" | Enterprise Service Search vendor "Blackberry" for product "Enterprise Service" | 12.4.0 Search vendor "Blackberry" for product "Enterprise Service" and version "12.4.0" | - |
Affected
| ||||||
| Blackberry Search vendor "Blackberry" | Enterprise Service Search vendor "Blackberry" for product "Enterprise Service" | 12.4.1 Search vendor "Blackberry" for product "Enterprise Service" and version "12.4.1" | - |
Affected
| ||||||
| Blackberry Search vendor "Blackberry" | Enterprise Service Search vendor "Blackberry" for product "Enterprise Service" | 12.5.0a Search vendor "Blackberry" for product "Enterprise Service" and version "12.5.0a" | - |
Affected
| ||||||
| Blackberry Search vendor "Blackberry" | Enterprise Service Search vendor "Blackberry" for product "Enterprise Service" | 12.5.1 Search vendor "Blackberry" for product "Enterprise Service" and version "12.5.1" | - |
Affected
| ||||||
| Blackberry Search vendor "Blackberry" | Enterprise Service Search vendor "Blackberry" for product "Enterprise Service" | 12.5.2 Search vendor "Blackberry" for product "Enterprise Service" and version "12.5.2" | - |
Affected
| ||||||