Vulnerability Details : CVE-2011-0290
The BlackBerry Collaboration Service in Research In Motion (RIM) BlackBerry Enterprise Server (BES) 5.0.3 through MR4 for Microsoft Exchange and Lotus Domino allows remote authenticated users to log into arbitrary user accounts associated with the same organization, and send messages, read messages, read contact lists, or cause a denial of service (login unavailability), via unspecified vectors.
Vulnerability category: Denial of service
Products affected by CVE-2011-0290
- cpe:2.3:a:rim:blackberry_enterprise_server:5.0.3:*:*:*:*:*:*:*When used together with: Microsoft » Exchange Server
Exploit prediction scoring system (EPSS) score for CVE-2011-0290
1.75%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 88 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2011-0290
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
6.5
|
MEDIUM | AV:N/AC:L/Au:S/C:P/I:P/A:P |
8.0
|
6.4
|
NIST |
CWE ids for CVE-2011-0290
-
Assigned by: nvd@nist.gov (Primary)
References for CVE-2011-0290
-
http://www.securityfocus.com/bid/50064
BlackBerry Collaboration Service User Authentication Security Bypass Vulnerability
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/70519
BlackBerry Enterprise Server Collaboration Service spoofing CVE-2011-0290 Vulnerability Report
-
http://securitytracker.com/id?1026179
BlackBerry Enterprise Server Collaboration Service Bug Lets Remote Users Impersonate Intra-organization Messages - SecurityTracker
-
http://www.blackberry.com/btsc/KB28524
Exploit;Vendor Advisory
Jump to