CVE-2014-1469

BlackBerry Enterprise Server 5.x before 5.0.4 MR7 and Enterprise Service 10.x before 10.2.2 log cleartext credentials during exception handling, which allows local users to obtain sensitive information by reading the exception log file.

Published: Aug 18, 2014
Updated: Apr 13, 2023
CVE: CVE-2014-1469
Severity: Low
Exploit:

CVSS v2:

Severity: Low
Score: 4.9
AV:L/AC:L/Au:N/C:C/I:N/A:N

CWEs:

CWE-310

Affected Software
References

Software	From	Fixed in
blackberry / enterprise_server	-	5.0.4.x
blackberry / enterprise_server_express	5.0.4	5.0.4.x
blackberry / blackberry_enterprise_service	10.1.0	10.1.0.x
blackberry / blackberry_enterprise_service	10.1.2	10.1.2.x
blackberry / blackberry_enterprise_service	10.2.1	10.2.1.x
blackberry / blackberry_enterprise_service	10.2.0	10.2.0.x
blackberry / blackberry_enterprise_service	10.0	10.0.x

http://secunia.com/advisories/60154
http://www.blackberry.com/btsc/KB36175
http://www.securityfocus.com/bid/69211
https://exchange.xforce.ibmcloud.com/vulnerabilities/95264

Vulnerability Database

289,599

CVE-2014-1469