Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2023-21521

An SQL Injection vulnerability in the Management Console  (Operator Audit Trail) of BlackBerry AtHoc version 7.15 could allow an attacker to potentially read sensitive data from the database, modify database data (Insert/Update/Delete), execute administration operations on the database, recover the content of a given file present on the DBMS file system and in some cases issue commands to the operating system.

Published

2023-09-12T19:15:36.033

Last Modified

2024-11-21T07:43:00.160

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 7.2 (HIGH)

Weaknesses

Type: Primary
CWE-89

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	blackberry	athoc	7.15	Yes

References

https://support.blackberry.com/kb/articleDetail?articleNumber=000112406 Mitigation, Vendor Advisory ([email protected])
https://support.blackberry.com/kb/articleDetail?articleNumber=000112406 Mitigation, Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)