CVE-2016-3130
Severity Score
8.1
*CVSS v3
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
An information disclosure vulnerability in the Core and Management Console in BlackBerry Enterprise Server (BES) 12 through 12.5.2 allows remote attackers to obtain local or domain credentials of an administrator or user account by sniffing traffic between the two elements during a login attempt.
Una vulnerabilidad de divulgación de información en el Core y Management Console en BlackBerry Enterprise Server (BES) 12 hasta la versión 12.5.2 permite a atacantes remotos obtener credenciales locales o de dominio de una cuenta de administrador o usuario espiando el tráfico entre los dos elementos durante un intento de inicio de sesión.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2016-03-11 CVE Reserved
- 2017-01-13 CVE Published
- 2023-03-07 EPSS Updated
- 2024-08-05 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
- CWE-255: Credentials Management Errors
CAPEC
References (3)
| URL | Tag | Source |
|---|---|---|
| http://support.blackberry.com/kb/articleDetail?articleNumber=000038914 | X_refsource_confirm | |
| http://www.securityfocus.com/bid/95924 | Vdb Entry | |
| http://www.securitytracker.com/id/1037584 | Vdb Entry |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Blackberry Search vendor "Blackberry" | Enterprise Service Search vendor "Blackberry" for product "Enterprise Service" | 12.0.0 Search vendor "Blackberry" for product "Enterprise Service" and version "12.0.0" | - |
Affected
| ||||||
| Blackberry Search vendor "Blackberry" | Enterprise Service Search vendor "Blackberry" for product "Enterprise Service" | 12.0.1 Search vendor "Blackberry" for product "Enterprise Service" and version "12.0.1" | - |
Affected
| ||||||
| Blackberry Search vendor "Blackberry" | Enterprise Service Search vendor "Blackberry" for product "Enterprise Service" | 12.1.0 Search vendor "Blackberry" for product "Enterprise Service" and version "12.1.0" | - |
Affected
| ||||||
| Blackberry Search vendor "Blackberry" | Enterprise Service Search vendor "Blackberry" for product "Enterprise Service" | 12.2.0 Search vendor "Blackberry" for product "Enterprise Service" and version "12.2.0" | - |
Affected
| ||||||
| Blackberry Search vendor "Blackberry" | Enterprise Service Search vendor "Blackberry" for product "Enterprise Service" | 12.2.1 Search vendor "Blackberry" for product "Enterprise Service" and version "12.2.1" | - |
Affected
| ||||||
| Blackberry Search vendor "Blackberry" | Enterprise Service Search vendor "Blackberry" for product "Enterprise Service" | 12.3.0 Search vendor "Blackberry" for product "Enterprise Service" and version "12.3.0" | - |
Affected
| ||||||
| Blackberry Search vendor "Blackberry" | Enterprise Service Search vendor "Blackberry" for product "Enterprise Service" | 12.3.1 Search vendor "Blackberry" for product "Enterprise Service" and version "12.3.1" | - |
Affected
| ||||||
| Blackberry Search vendor "Blackberry" | Enterprise Service Search vendor "Blackberry" for product "Enterprise Service" | 12.4.0 Search vendor "Blackberry" for product "Enterprise Service" and version "12.4.0" | - |
Affected
| ||||||
| Blackberry Search vendor "Blackberry" | Enterprise Service Search vendor "Blackberry" for product "Enterprise Service" | 12.4.1 Search vendor "Blackberry" for product "Enterprise Service" and version "12.4.1" | - |
Affected
| ||||||
| Blackberry Search vendor "Blackberry" | Enterprise Service Search vendor "Blackberry" for product "Enterprise Service" | 12.5.0a Search vendor "Blackberry" for product "Enterprise Service" and version "12.5.0a" | - |
Affected
| ||||||
| Blackberry Search vendor "Blackberry" | Enterprise Service Search vendor "Blackberry" for product "Enterprise Service" | 12.5.1 Search vendor "Blackberry" for product "Enterprise Service" and version "12.5.1" | - |
Affected
| ||||||
| Blackberry Search vendor "Blackberry" | Enterprise Service Search vendor "Blackberry" for product "Enterprise Service" | 12.5.2 Search vendor "Blackberry" for product "Enterprise Service" and version "12.5.2" | - |
Affected
| ||||||