Lucene search
K
MobileironSentry

5 matches found

CVE
CVE
added 2020/07/07 1:43 a.m.1572 views

CVE-2020-15505

CVE-2020-15505 affects MobileIron Core & Connector (and related Sentry and RDB components). The vulnerability is a remote code execution via untrusted Java deserialization (Hessian-based) on vulnerable MobileIron versions 10.3.0.3 and earlier, 10.4.x, 10.5.x, and 10.6.0.0 and earlier; exploitable...

9.8CVSS9.7AI score0.99737EPSS
In wild
CVE
CVE
added 2020/07/07 1:43 a.m.235 views

CVE-2020-15506

CVE-2020-15506 is an authentication bypass in MobileIron Core & Connector, affecting 10.3.0.3 and earlier, 10.4.x, 10.5.x, and 10.6.0.0. The public description states that remote attackers can bypass authentication via unspecified vectors. Connected sources confirm the issue is an auth bypass in ...

9.8CVSS9.4AI score0.02816EPSS
In wild
CVE
CVE
added 2020/07/07 1:42 a.m.110 views

CVE-2020-15507

CVE-2020-15507 describes an arbitrary file reading vulnerability in MobileIron Core, affecting versions 10.3.0.3 and earlier, 10.4.x, 10.5.x, and 10.6.0.0, that allows a remote attacker to read files on the system via unspecified vectors. The Red Hat/NVD entries and related advisories confirm thi...

7.5CVSS7.8AI score0.02214EPSS
CVE
CVE
added 2020/02/13 10:9 p.m.89 views

CVE-2013-7287

The CVE-2013-7287 entry concerns MobileIron VSP < 5.9.1 and Sentry

10CVSS9.3AI score0.0143EPSS
CVE
CVE
added 2020/01/08 3:29 p.m.89 views

CVE-2014-1409

MobileIron VSP before 5.9.1 and Sentry before 5.0 are affected by an authentication bypass via an XML file containing obfuscated passwords. The root cause is improper filtering of the j_username parameter in /mics/j_spring_security_check, enabling blind XPath injection to read XML config data. Ex...

9.1CVSS9.3AI score0.04049EPSS
Web