Vulnerability Description
A remote shell execution vulnerability in the BlackBerry Good Enterprise Mobility Server (GEMS) implementation of the Apache Karaf command shell in GEMS versions 2.1.5.3 to 2.2.22.25 allows remote attackers to obtain local administrator rights on the GEMS server via commands executed on the Karaf command shell.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| BlackBerry | Good Enterprise Mobility Server | <= 2.2.22.25 |
References
- http://support.blackberry.com/kb/articleDetail?articleNumber=000038814&language= (Vendor Advisory)
- http://www.securityfocus.com/bid/94959
FAQ
What is CVE-2016-3129?
CVE-2016-3129 is a vulnerability with a CVSS score of 6.6 (MEDIUM). A remote shell execution vulnerability in the BlackBerry Good Enterprise Mobility Server (GEMS) implementation of the Apache Karaf command shell in GEMS versions 2.1.5.3 to 2.2.22.25 allows remote att...
How severe is CVE-2016-3129?
CVE-2016-3129 has been rated MEDIUM with a CVSS base score of 6.6/10. Review the CVSS metrics above for a detailed severity breakdown.
Is there a patch for CVE-2016-3129?
Check the references section above for vendor advisories and patch information. Affected products include: BlackBerry Good Enterprise Mobility Server.