ByteOS Network

Vulnerability Details :

CVE-2020-6933

Assigner Org ID-dbe78b00-5e7b-4fda-8748-329789ecfc5c

Published At-14 Oct, 2020 | 13:31

Updated At-04 Aug, 2024 | 09:18

An improper input validation vulnerability in the UEM Core of BlackBerry UEM version(s) 12.13.0, 12.12.1a QF2 (and earlier), and 12.11.1 QF3 (and earlier) could allow an attacker to potentially cause a Denial of Service (DoS) of the UEM Core service.

EPSS History

Score

Latest Score

N/A

Percentile

Latest Percentile

N/A

▼Common Vulnerabilities and Exposures (CVE)

cve.org

Assigner:blackberry

Assigner Org ID:dbe78b00-5e7b-4fda-8748-329789ecfc5c

Published At:14 Oct, 2020 | 13:31

Updated At:04 Aug, 2024 | 09:18

▼CVE Numbering Authority (CNA)

Affected Products

Vendor

n/a

Product

BlackBerry UEM

Versions

Affected

BlackBerry UEM version 12.13.0 BlackBerry UEM version 12.12.1a QF2 and earlier BlackBerry UEM version 12.11.1 QF3 and earlier

Problem Types

Type	CWE ID	Description
text	N/A	Improper input validation

Type: text

CWE ID: N/A

Description: Improper input validation

References

Hyperlink	Resource
https://support.blackberry.com/kb/articleDetail?articleNumber=000068112	x_refsource_MISC

Hyperlink: https://support.blackberry.com/kb/articleDetail?articleNumber=000068112

Resource:

x_refsource_MISC

▼Authorized Data Publishers (ADP)

CVE Program Container

References

Hyperlink	Resource
https://support.blackberry.com/kb/articleDetail?articleNumber=000068112	x_refsource_MISC x_transferred

Hyperlink: https://support.blackberry.com/kb/articleDetail?articleNumber=000068112

Resource:

x_refsource_MISC

x_transferred

▼National Vulnerability Database (NVD)

nvd.nist.gov

Source:secure@blackberry.com

Published At:14 Oct, 2020 | 14:15

Updated At:29 Oct, 2020 | 20:05

Date Added	Due Date	Vulnerability Name	Required Action
	N/A

Metrics

Type	Version	Base score	Base severity	Vector
Primary	3.1	5.5	MEDIUM	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Primary	2.0	2.1	LOW	AV:L/AC:L/Au:N/C:N/I:N/A:P

Type: Primary

Version: 3.1

Base score: 5.5

Base severity: MEDIUM

Vector:

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Type: Primary

Version: 2.0

Base score: 2.1

Base severity: LOW

Vector:

AV:L/AC:L/Au:N/C:N/I:N/A:P

CPE Matches

BlackBerry Limited

>>unified_endpoint_manager>>Versions up to 12.11.1(inclusive)

cpe:2.3:a:blackberry:unified_endpoint_manager:*:*:*:*:*:*:*:*

BlackBerry Limited

>>unified_endpoint_manager>>12.11.1

cpe:2.3:a:blackberry:unified_endpoint_manager:12.11.1:quick_fix1:*:*:*:*:*:*

BlackBerry Limited

>>unified_endpoint_manager>>12.11.1

cpe:2.3:a:blackberry:unified_endpoint_manager:12.11.1:quick_fix2:*:*:*:*:*:*

BlackBerry Limited

>>unified_endpoint_manager>>12.11.1

cpe:2.3:a:blackberry:unified_endpoint_manager:12.11.1:quick_fix3:*:*:*:*:*:*

BlackBerry Limited

>>unified_endpoint_manager>>12.12.1a

cpe:2.3:a:blackberry:unified_endpoint_manager:12.12.1a:-:*:*:*:*:*:*

BlackBerry Limited

>>unified_endpoint_manager>>12.12.1a

cpe:2.3:a:blackberry:unified_endpoint_manager:12.12.1a:quick_fix1:*:*:*:*:*:*

BlackBerry Limited

>>unified_endpoint_manager>>12.12.1a

cpe:2.3:a:blackberry:unified_endpoint_manager:12.12.1a:quick_fix2:*:*:*:*:*:*

BlackBerry Limited

>>unified_endpoint_manager>>12.13.0

cpe:2.3:a:blackberry:unified_endpoint_manager:12.13.0:*:*:*:*:*:*:*

Weaknesses

CWE ID	Type	Source
CWE-20	Primary	nvd@nist.gov

CWE ID: CWE-20

Type: Primary

Source: nvd@nist.gov

References

Hyperlink	Source	Resource
https://support.blackberry.com/kb/articleDetail?articleNumber=000068112	secure@blackberry.com	Patch Vendor Advisory

Hyperlink: https://support.blackberry.com/kb/articleDetail?articleNumber=000068112

Source: secure@blackberry.com

Resource:

Patch

Vendor Advisory

Similar CVEs

253Records found

CVE-2021-0416

Matching Score-4

Assigner-Android (associated with Google Inc. or Open Handset Alliance)

View Details

Matching Score-4

Assigner-Android (associated with Google Inc. or Open Handset Alliance)

CVSS Score-5.5||MEDIUM

EPSS-0.02% / 2.98%

7 Day CHG~0.00%

Published-18 Aug, 2021 | 14:43

Updated-03 Aug, 2024 | 15:40

In memory management driver, there is a possible system crash due to improper input validation. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05403499; Issue ID: ALPS05336700.

Vendor-n/a Google LLC

Product-android MT6580, MT6582E, MT6582H, MT6582T, MT6582W, MT6582_90, MT6589, MT6589TD, MT6592E, MT6592H, MT6592T, MT6592W, MT6592_90, MT6595, MT6731, MT6732, MT6735, MT6737, MT6739, MT6750, MT6750S, MT6752, MT6753, MT6755, MT6755S, MT6757, MT6757C, MT6757CD, MT6757CH, MT6758, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6785, MT6795, MT6797, MT6799, MT6833, MT6853, MT6853T, MT6873, MT6875, MT6877, MT6883, MT6885, MT6889, MT6891, MT6893

CWE ID-CWE-20

Improper Input Validation

CVE-2021-0199

Matching Score-4

Assigner-Intel Corporation

View Details

Matching Score-4

Assigner-Intel Corporation

CVSS Score-4.4||MEDIUM

EPSS-0.04% / 12.16%

7 Day CHG~0.00%

Published-17 Nov, 2021 | 19:17

Updated-03 Aug, 2024 | 15:32

Improper input validation in the firmware for the Intel(R) Ethernet Network Controller E810 before version 1.6.0.6 may allow a privileged user to potentially enable a denial of service via local access.

Vendor-n/a Intel Corporation

Product-ethernet_network_controller_e810-cam1_firmware ethernet_network_controller_e810-cam1 ethernet_network_controller_e810-cam2_firmware ethernet_network_controller_e810-xxvam2 ethernet_network_controller_e810-cam2 ethernet_network_controller_e810-xxvam2_firmware Intel(R) Ethernet Network Controller E810

CWE ID-CWE-20

Improper Input Validation

CVE-2021-0083

Matching Score-4

Assigner-Intel Corporation

View Details

Matching Score-4

Assigner-Intel Corporation

CVSS Score-4.4||MEDIUM

EPSS-0.05% / 14.51%

7 Day CHG~0.00%

Published-11 Aug, 2021 | 12:47

Updated-03 Aug, 2024 | 15:25

Improper input validation in some Intel(R) Optane(TM) PMem versions before versions 1.2.0.5446 or 2.2.0.1547 may allow a privileged user to potentially enable denial of service via local access.

Vendor-n/a Intel Corporation

Product-xeon_gold_6246r xeon_platinum_8276l xeon_platinum_8358 xeon_w-2223 xeon_platinum_9222 xeon_gold_5315y xeon_w-11865mre xeon_w-3245m xeon_gold_5217 xeon_gold_6230t xeon_platinum_8362 xeon_gold_6230n xeon_w-3225 xeon_platinum_8354h xeon_w-3265 xeon_gold_5218n xeon_w-3245 xeon_gold_6338 xeon_w-1370 xeon_w-2125 xeon_silver_4309y xeon_platinum_8352y xeon_platinum_8368 xeon_gold_5220 xeon_gold_6246 xeon_w-2295 xeon_silver_4214r xeon_gold_6326 xeon_gold_6254 xeon_silver_4310t xeon_gold_6240y xeon_gold_6234 optane_persistent_memory_firmware xeon_platinum_8380 xeon_gold_6238r xeon_silver_4316 xeon_platinum_8351n xeon_w-1250 xeon_w-1250te xeon_w-2255 xeon_gold_6208u xeon_w-11555mle xeon_platinum_8268 xeon_gold_5215 xeon_platinum_8352v xeon_gold_6336y xeon_w-1290e xeon_gold_6262v xeon_gold_5222 xeon_w-3275 xeon_w-1390t xeon_gold_5218 xeon_w-1270 xeon_silver_4209t xeon_w-1270e xeon_platinum_8380h xeon_gold_5215l xeon_platinum_8360hl xeon_silver_4215r xeon_gold_6252n xeon_platinum_9221 xeon_w-2245 xeon_platinum_8376h xeon_gold_6244 xeon_gold_6330 xeon_silver_4210t xeon_gold_6248 xeon_gold_6212u xeon_w-1270te xeon_w-1370p xeon_gold_6314u xeon_platinum_8280 xeon_gold_6248r xeon_w-11155mre xeon_w-3335 xeon_gold_6354 xeon_gold_6258r xeon_w-1290t xeon_gold_6240 xeon_gold_6238l xeon_platinum_8352m xeon_gold_6240l xeon_gold_6250 xeon_platinum_8353h xeon_w-11865mle xeon_platinum_8256 xeon_gold_6348h xeon_w-2155 xeon_w-11855m xeon_gold_6330h xeon_w-1290p xeon_w-3265m xeon_w-2135 xeon_gold_6222v xeon_gold_5318h xeon_w-11155mle xeon_platinum_8376hl xeon_gold_6242 xeon_w-2265 xeon_gold_5320h xeon_w-2145 xeon_gold_5320 xeon_platinum_8360y xeon_platinum_8274 xeon_w-10855m xeon_platinum_8260y xeon_platinum_8270 xeon_gold_6242r xeon_gold_6338t xeon_gold_6346 xeon_gold_5218t xeon_silver_4215 xeon_w-2235 xeon_w-11555mre xeon_gold_5220r xeon_w-11955m xeon_gold_5318s xeon_gold_6338n xeon_silver_4214 xeon_platinum_8276 xeon_platinum_8360h xeon_w-1390p xeon_gold_6238t xeon_w-1270p xeon_silver_4210r xeon_gold_6250l xeon_silver_4214y xeon_gold_6210u xeon_gold_6348 xeon_gold_6330n xeon_gold_5218b xeon_w-1350 xeon_platinum_8380hl xeon_gold_5318n xeon_platinum_8358p xeon_w-1250e xeon_w-1290 xeon_w-3345 xeon_w-3375 xeon_platinum_8368q xeon_silver_4216 xeon_gold_6230 xeon_platinum_8253 xeon_gold_6240r xeon_w-10885m xeon_w-2195 xeon_silver_4310 xeon_w-1390 xeon_w-3365 xeon_gold_5317 xeon_gold_6334 xeon_w-2275 xeon_w-1290te xeon_platinum_8356h xeon_gold_6209u xeon_w-3223 xeon_gold_6226 xeon_gold_6256 xeon_w-1350p xeon_gold_6342 xeon_w-3323 xeon_gold_6230r xeon_w-3175x xeon_gold_6238 xeon_gold_6252 xeon_w-1250p xeon_w-3235 xeon_gold_5320t xeon_silver_4208 xeon_platinum_8260 xeon_platinum_8352s xeon_gold_5318y xeon_gold_5218r xeon_bronze_3206r xeon_gold_6226r xeon_w-2225 xeon_gold_6312u xeon_gold_6328h xeon_w-2123 xeon_gold_5220s xeon_w-2133 xeon_w-3275m xeon_platinum_9242 xeon_platinum_9282 xeon_platinum_8260l xeon_platinum_8280l xeon_bronze_3204 xeon_gold_6328hl xeon_silver_4314 xeon_w-2175 xeon_gold_5220t xeon_silver_4210 Intel(R) Optane(TM) PMem versions

CWE ID-CWE-20

Improper Input Validation

CVE-2020-6933

Credits

Vendors

Products

Metrics (CVSS)

Weaknesses

Attack Patterns

Solution/Workaround

References

EPSS History

Score

Latest Score

N/A

Percentile

Latest Percentile

N/A

Stakeholder-Specific Vulnerability Categorization (SSVC)

Affected Products

Affected

Problem Types

Metrics

Metrics Other Info

Impacts

Solutions

Configurations

Workarounds

Exploits

Credits

Timeline

Replaced By

Rejected Reason

References

Affected Products

Metrics

Metrics Other Info

Impacts

Solutions

Configurations

Workarounds

Exploits

Credits

Timeline

Replaced By

Rejected Reason

References

CISA Catalog

Metrics

CPE Matches

Weaknesses

Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References

Change History

Similar CVEs