CVE-2021-22153
Published May 13, 2021
Last updated 3 years ago
Overview
- Description
- A Remote Code Execution vulnerability in the Management Console component of BlackBerry UEM version(s) 12.13.1 QF2 and earlier and 12.12.1a QF6 and earlier could allow an attacker to potentially cause the spreadsheet application to run commands on the victim’s local machine with the authority of the user.
- Source
- secure@blackberry.com
- NVD status
- Analyzed
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 3.1
- Type
- Primary
- Base score
- 7.3
- Impact score
- 5.9
- Exploitability score
- 1.3
- Vector string
- CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
- Severity
- HIGH
CVSS 2.0
- Type
- Primary
- Base score
- 6
- Impact score
- 6.4
- Exploitability score
- 6.8
- Vector string
- AV:N/AC:M/Au:S/C:P/I:P/A:P
Weaknesses
- nvd@nist.gov
- CWE-1236
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:blackberry:unified_endpoint_management:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7BB3D5E6-0613-45E2-8575-07DD6CD77BF4",
"versionEndIncluding": "12.12.0"
},
{
"criteria": "cpe:2.3:a:blackberry:unified_endpoint_management:12.12.1a:quick_fix_1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D6ED78FF-D486-4FE6-9599-7738729D8F28"
},
{
"criteria": "cpe:2.3:a:blackberry:unified_endpoint_management:12.12.1a:quick_fix_2:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "593930DE-6A05-48B3-A886-87E72DDCD44C"
},
{
"criteria": "cpe:2.3:a:blackberry:unified_endpoint_management:12.12.1a:quick_fix_3:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A07E7ACB-B93D-4774-BFE2-8CEAE89AFDF8"
},
{
"criteria": "cpe:2.3:a:blackberry:unified_endpoint_management:12.12.1a:quick_fix_4:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "984D7F36-D826-4D38-882C-9C822C4CDDA3"
},
{
"criteria": "cpe:2.3:a:blackberry:unified_endpoint_management:12.12.1a:quick_fix_5:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B5DC0EDB-41B6-4605-AF43-37A0701C96CE"
},
{
"criteria": "cpe:2.3:a:blackberry:unified_endpoint_management:12.12.1a:quick_fix_6:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "03BB3AC1-DC2B-4871-A47C-23E5AFE8E72A"
},
{
"criteria": "cpe:2.3:a:blackberry:unified_endpoint_management:12.13.0:-:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "925C2316-6DE8-40ED-AFF2-F4A9849D2B85"
},
{
"criteria": "cpe:2.3:a:blackberry:unified_endpoint_management:12.13.0:mr1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B153A25D-8D7C-4734-8BB9-93C5E6385BE3"
},
{
"criteria": "cpe:2.3:a:blackberry:unified_endpoint_management:12.13.1:quick_fix_1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "36AFE854-85F3-4157-A2C5-8FE374485FF5"
},
{
"criteria": "cpe:2.3:a:blackberry:unified_endpoint_management:12.13.1:quick_fix_2:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "61B8E4D4-E3DB-4693-BF88-513687E45BA2"
}
],
"operator": "OR"
}
]
}
]