Remote Code Execution Vulnerability in BlackBerry Enterprise Service
CVE-2013-3693

Currently unrated

Key Information:

Vendor: Blackberry
Status: Blackberry Enterprise Service
Vendor: CVE Published:; 11 October 2013

What is CVE-2013-3693?

The BlackBerry Enterprise Service, specifically versions 10.0 through 10.1.2, contains a vulnerability that improperly restricts access to its JBoss RMI interface. This flaw permits remote attackers to upload and execute arbitrary packages by sending crafted requests to port 1098, potentially compromising the integrity and confidentiality of the system. Organizations using these affected versions are highly encouraged to implement appropriate security measures to mitigate risks associated with this vulnerability.

References

http://btsc.webapps.blackberry.com/btsc/viewdocument.do%3...

x_refsource_CONFIRM

http://secunia.com/advisories/55187

third-party-advisoryx_refsource_SECUNIA

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Oct 11, 2013

Blackberry

What is CVE-2013-3693?

References

Timeline