By abusing the ‘install rpm info detail’ command, an attacker can escape the restricted clish shell on affected versions of Ivanti MobileIron Core. This issue was fixed in version 11.1.0.0.
CPE | Name | Operator | Version |
---|---|---|---|
mobileiron | ge | 11.0.0.0 | |
mobileiron | lt | 11.1.0.0 | |
mobileiron | eq | <= 10.7.0.1-9 |