CVE-2016-3129

Medium CVSS 6.6

Overview

A remote shell execution vulnerability in the BlackBerry Good Enterprise Mobility Server (GEMS) implementation of the Apache Karaf command shell in GEMS versions 2.1.5.3 to 2.2.22.25 allows remote attackers to obtain local administrator rights on the GEMS server via commands executed on the Karaf command shell.

CWE: N/A Published: 2016-12-16T09:59:00.200

Risk analysis

This vulnerability is rated 🟡 MEDIUM.

CVSS: 6.6 (MEDIUM)
Detected tags: none (tag impact: LOW)

Recommended actions:

Prioritize remediation based on business criticality and exposure.
Limit exposure and increase monitoring until fixed.

Overview

Recommended tools

Tags