CVE-2025-12766

Medium CVSS: 5.0

An Insecure Direct Object Reference (IDOR) vulnerability in the Management Console of BlackBerry® AtHoc® (OnPrem) version 7.21 could allow an attacker to potentially gain unauthorized knowledge about other organizations hosted on the same Interactive Warning System (IWS).

Vendor

Blackberry

Product

Athoc

CWE

CWE-639

Yayın Tarihi

2025-11-19 17:15:46

Güncelleme

2025-12-01 17:22:03

Source Identifier

secure@blackberry.com

KEV Date Added

Kategoriler

CWE-639 Athoc MEDIUM Blackberry 2025

Referanslar

https://support.blackberry.com/pkb/s/article/140929

Benzer Kayıtlar

Critical

CVE-2025-2474

Out-of-bounds write in the PCX image codec in QNX SDP versions 8.0, 7.1 and 7.0 could allow an unauthenticated attacker…

High

CVE-2024-48858

Improper input validation in the PCX image codec in QNX SDP versions 8.0, 7.1 and 7.0 could allow an unauthenticated att…

Medium

CVE-2024-48854

Off-by-one error in the TIFF image codec in QNX SDP versions 8.0, 7.1 and 7.0 could allow an unauthenticated attacker to…

Medium

CVE-2024-48855

Out-of-bounds read in the TIFF image codec in QNX SDP versions 8.0, 7.1 and 7.0 could allow an unauthenticated attacker…

Critical

CVE-2024-48856

Out-of-bounds write in the PCX image codec in QNX SDP versions 8.0, 7.1 and 7.0 could allow an unauthenticated attacker…

High

CVE-2024-48857

NULL pointer dereference in the PCX image codec in QNX SDP versions 8.0, 7.1 and 7.0 could allow an unauthenticated atta…