Lucene search
K

4 matches found

CVE
CVE
added 2014/12/06 3:0 p.m.58 views

CVE-2014-6140

IBM Endpoint Manager for Mobile Devices (TEM/Mobile Device Management) components including Enrollment and Apple iOS Management Extender, Self-Service Portal, Admin Portal, and Trusted Service Provider are affected. The root cause is that TEM uses static secret_token values across all installatio...

9.3CVSS7.3AI score0.06494EPSS
Exploits3References7Affected Software1
0day.today
0day.today
added 2014/12/02 12:0 a.m.68 views

IBM Endpoint Manager For Mobile Devices Code Execution Vulnerability

During a penetration test, RedTeam Pentesting discovered that several IBM Endpoint Manager Components are based on Ruby on Rails and use static secrettoken values. With these values, attackers can create valid session cookies containing marshalled objects of their choosing. This can be leveraged ...

9.3CVSS7.3AI score0.06494EPSS
Exploits3
Packet Storm
Packet Storm
added 2014/12/02 12:0 a.m.56 views

IBM Endpoint Manager For Mobile Devices Code Execution

Advisory: Unauthenticated Remote Code Execution in IBM Endpoint Manager Mobile Device Management Components During a penetration test, RedTeam Pentesting discovered that several IBM Endpoint Manager Components are based on Ruby on Rails and use static secrettoken values. With these values,...

9.3CVSS0.5AI score0.06494EPSS
Exploits3
securityvulns
securityvulns
added 2014/12/02 12:0 a.m.57 views

[RT-SA-2014-012] Unauthenticated Remote Code Execution in IBM Endpoint Manager Mobile Device Management Components

Advisory: Unauthenticated Remote Code Execution in IBM Endpoint Manager Mobile Device Management Components During a penetration test, RedTeam Pentesting discovered that several IBM Endpoint Manager Components are based on Ruby on Rails and use static secrettoken values. With these values,...

9.3CVSS7.9AI score0.06494EPSS
Exploits3
Rows per page
Query Builder