CVE-2021-22152

MEDIUM

BlackBerry Unified Endpoint Management <= 12.13.1 QF2 / <= 12.12.1a QF6 - DoS via Management Console Input Validation

Title source: llm
STIX 2.1

Description

A Denial of Service due to Improper Input Validation vulnerability in the Management Console component of BlackBerry UEM version(s) 12.13.1 QF2 and earlier and 12.12.1a QF6 and earlier could allow an attacker to potentially to prevent any new user connections.

References (1)

Core 1
Core References

Scores

CVSS v3 5.5
EPSS 0.0022
EPSS Percentile 12.3%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Details

CWE
CWE-20
Status published
Products (4)
blackberry/unified_endpoint_management 12.12.1a quick_fix_1 (6 CPE variants)
blackberry/unified_endpoint_management 12.13.0 (2 CPE variants)
blackberry/unified_endpoint_management 12.13.1 quick_fix_1 (2 CPE variants)
blackberry/unified_endpoint_management < 12.12.0
Published May 13, 2021
Tracked Since Feb 18, 2026