3 matches found
CVE-2021-3540
CVE-2021-3540 affects Ivanti MobileIron Core. The flaw allows escaping the restricted clish shell via the install rpm info detail command, effectively a clish argument-injection vulnerability. Consequence is elevated/possibly complete impact on confidentiality, integrity, and availability per NVD...
CVE-2021-3540 Ivanti MobileIron Core clish Restricted Shell Escape via Argument Injection
By abusing the 'install rpm info detail' command, an attacker can escape the restricted clish shell on affected versions of Ivanti MobileIron Core. This issue was fixed in version 11.1.0.0...
CVE-2021-3198 and CVE-2021-3540: MobileIron Shell Escape Privilege Escalation Vulnerabilities
Ivanti MobileIron Core versions 10.7.0.1-9 and 11.0.0.1-3 suffer from two restricted shell escape vulnerabilities through the install rpm command present in the clish restricted shell. These issues have been fixed in version 11.1.0.0, released on March 15, 2021. The first, CVE-2021-3198, is an...