CyberSec.Space Logo
CVEブラウザに戻る

CVE-2020-6932

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1820%
EPSS Percentile5.83th
Published2020年8月12日
Last Modified2025年8月22日

Vulnerability Description

An information disclosure and remote code execution vulnerability in the slinger web server of the BlackBerry QNX Software Development Platform versions 6.4.0 to 6.6.0 could allow an attacker to potentially read arbitrary files and run arbitrary executables in the context of the web server.

Affected Platforms (CPE)

📦
Blackberry

Qnx Software Development Platform

>= 6.4.0 and <= 6.6.0

References & Advisories

🔗 http://support.blackberry.com/kb/articleDetail?articleNumber=000061411
🔗 http://support.blackberry.com/kb/articleDetail?articleNumber=000061411

関連する脆弱性情報

CVE-2017-38919.6

In BlackBerry QNX Software Development Platform (SDP) 6.6.0, an elevation of privilege vulnerability in the default configuration ...

CVE-2021-221569.0

An integer overflow vulnerability in the calloc() function of the C runtime library of affected versions of BlackBerry® QNX Softwa...

CVE-2021-320258.1

An elevation of privilege vulnerability in the QNX Neutrino Kernel of affected versions of QNX Software Development Platform versi...

CVE-2019-89987.8

An information disclosure vulnerability leading to a potential local escalation of privilege in the procfs service (the /proc file...