Vulnerabilities > CVE-2019-8999 - XXE vulnerability in Blackberry Unified Endpoint Management

047910
CVSS 5.0 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
NONE
Availability impact
NONE
network
low complexity
blackberry
CWE-611

Summary

An XML External Entity vulnerability in the UEM Core of BlackBerry UEM version(s) earlier than 12.10.1a could allow an attacker to potentially gain read access to files on any system reachable by the UEM service account.

Vulnerable Configurations

Part Description Count
Application
Blackberry
1