ID |
CVE-2016-3129
|
Summary |
A remote shell execution vulnerability in the BlackBerry Good Enterprise Mobility Server (GEMS) implementation of the Apache Karaf command shell in GEMS versions 2.1.5.3 to 2.2.22.25 allows remote attackers to obtain local administrator rights on the GEMS server via commands executed on the Karaf command shell. |
References |
|
Vulnerable Configurations |
|
CVSS |
Base: | 8.5 (as of 22-12-2016 - 03:00) |
Impact: | |
Exploitability: | |
|
CWE |
NVD-CWE-noinfo |
CAPEC |
|
Access |
Vector | Complexity | Authentication |
NETWORK |
MEDIUM |
SINGLE |
|
Impact |
Confidentiality | Integrity | Availability |
COMPLETE |
COMPLETE |
COMPLETE |
|
cvss-vector
via4
|
AV:N/AC:M/Au:S/C:C/I:C/A:C
|
refmap
via4
|
|
Last major update |
22-12-2016 - 03:00 |
Published |
16-12-2016 - 09:59 |
Last modified |
22-12-2016 - 03:00 |