module
MobileIron Core Unauthenticated JNDI Injection RCE (via Log4Shell)
| Disclosed |
|---|
| Dec 12, 2021 |
Disclosed
Dec 12, 2021
Description
MobileIron Core is affected by the Log4Shell vulnerability whereby a JNDI string sent to the server
will cause it to connect to the attacker and deserialize a malicious Java object. This results in OS
command execution in the context of the tomcat user.
This module will start an LDAP server that the target will need to connect to.
will cause it to connect to the attacker and deserialize a malicious Java object. This results in OS
command execution in the context of the tomcat user.
This module will start an LDAP server that the target will need to connect to.
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.