Improper User Account Validation in BlackBerry Link Software
CVE-2013-6798

Currently unrated

Key Information:

Vendor: Blackberry
Status: Blackberry Link
Vendor: CVE Published:; 18 November 2013

What is CVE-2013-6798?

BlackBerry Link, prior to version 1.2.1.31 for Windows and 1.1.1 build 39 for Mac OS X, inadequately verifies user accounts when executing Peer Manager after successive logins with different accounts. This can potentially allow unauthorized users to bypass file access restrictions on remote folders utilizing IPv6 WebDAV requests, highlighting security weaknesses in account management and privilege enforcement.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/89202

vdb-entryx_refsource_XF

http://www.blackberry.com/btsc/KB35315

x_refsource_CONFIRM

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 18, 2013
Vulnerability Reserved
Nov 15, 2013

Blackberry

What is CVE-2013-6798?

References

Timeline