CVE-2018-8889

Description

A directory traversal vulnerability in the Connect Service of the BlackBerry Enterprise Mobility Server (BEMS) 2.8.17.29 and earlier could allow an attacker to retrieve arbitrary files in the context of a BEMS administrator account.

Affected products

• BlackBerry / BlackBerry Enterprise Mobility Server (BEMS)2.8.17.29 and earlier – 2.8.17.29 and earlier

References

• MISChttp://support.blackberry.com/kb/articleDetail?articleNumber=000051590&language=en_US