Clickjacking Vulnerability in BlackBerry Enterprise Server Management Console
CVE-2015-4112

Currently unrated

Key Information:

Vendor: Blackberry
Status: Enterprise Server
Vendor: CVE Published:; 19 November 2015

What is CVE-2015-4112?

The Management Console in BlackBerry Enterprise Server (BES) 12 versions prior to 12.2 is susceptible to a clickjacking vulnerability. This flaw allows attackers to exploit insufficient restrictions on FRAME elements, enabling them to potentially manipulate user actions through deceptive interfaces. The issue is linked to cross frame scripting, which can lead to unauthorized access and interaction with web resources, thereby compromising the security integrity of affected applications.

References

http://www.blackberry.com/btsc/KB37573

x_refsource_CONFIRM

http://www.securitytracker.com/id/1034154

vdb-entryx_refsource_SECTRACK

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 19, 2015
Vulnerability Reserved
May 28, 2015

Blackberry

What is CVE-2015-4112?

References

Timeline