Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2011-0290

The BlackBerry Collaboration Service in Research In Motion (RIM) BlackBerry Enterprise Server (BES) 5.0.3 through MR4 for Microsoft Exchange and Lotus Domino allows remote authenticated users to log into arbitrary user accounts associated with the same organization, and send messages, read messages, read contact lists, or cause a denial of service (login unavailability), via unspecified vectors.

Published

2011-10-21T10:55:03.757

Last Modified

2025-04-11T00:51:21.963

Status

Deferred

Source

[email protected]

Severity

CVSSv2: 6.5 (MEDIUM)

CVSSv2 Vector

AV:N/AC:L/Au:S/C:P/I:P/A:P

Access Vector: NETWORK
Access Complexity: LOW
Authentication: SINGLE
Confidentiality Impact: PARTIAL
Integrity Impact: PARTIAL
Availability Impact: PARTIAL

Exploitability Score

8.0

Impact Score

6.4

Weaknesses

Type: Primary
CWE-264

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	rim	blackberry_enterprise_server	5.0.3	Yes
Application	lotus	domino	*	No
Application	microsoft	exchange_server	*	No

References

http://secunia.com/advisories/46370 Vendor Advisory ([email protected])
http://securitytracker.com/id?1026179 ([email protected])
http://www.blackberry.com/btsc/KB28524 Exploit, Vendor Advisory ([email protected])
http://www.osvdb.org/76286 ([email protected])
http://www.securityfocus.com/bid/50064 ([email protected])
https://exchange.xforce.ibmcloud.com/vulnerabilities/70519 ([email protected])
http://secunia.com/advisories/46370 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://securitytracker.com/id?1026179 (af854a3a-2127-422b-91ae-364da2661108)
http://www.blackberry.com/btsc/KB28524 Exploit, Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://www.osvdb.org/76286 (af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/50064 (af854a3a-2127-422b-91ae-364da2661108)
https://exchange.xforce.ibmcloud.com/vulnerabilities/70519 (af854a3a-2127-422b-91ae-364da2661108)