Vulnerability CVE-2020-15505
Published: 2020-07-07

Description:
A remote code execution vulnerability in MobileIron Core and Connector versions 10.6 and earlier, and Sentry versions 9.8 and earlier that allows remote attackers to execute arbitrary code via unspecified vectors.

Type:

NVD-CWE-noinfo

CVSS2 => (AV:N/AC:L/Au:N/C:P/I:P/A:P)

CVSS Base Score
Impact Subscore
Exploitability Subscore
7.5/10
6.4/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Partial
Partial
Partial
Affected software
Mobileiron -> Cloud 
Mobileiron -> CORE 
Mobileiron -> Enterprise connector 
Mobileiron -> Reporting database 
Mobileiron -> Sentry 

 References:
https://www.mobileiron.com/en/blog/mobileiron-security-updates-available
Copyright 2024, cxsecurity.com

 

Back to Top