vulnerability

MobileIron Products: Unauthenticated Remote Code Execution (CVE-2020-15505)

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
7	(AV:N/AC:L/Au:N/C:P/I:P/A:P)	Sep 12, 2020	Jan 5, 2021	May 3, 2022

Severity

CVSS

(AV:N/AC:L/Au:N/C:P/I:P/A:P)

Published

Sep 12, 2020

Added

Jan 5, 2021

Modified

May 3, 2022

Description

A remote code execution vulnerability in MobileIron Core & Connector
versions 10.3.0.3 and earlier, 10.4.0.0, 10.4.0.1, 10.4.0.2, 10.4.0.3,
10.5.1.0, 10.5.2.0 and 10.6.0.0; Sentry versions 9.7.2 and earlier, and
9.8.0; and Monitor and Reporting Database (RDB) version 2.0.0.1 and
earlier that allows remote attackers to execute arbitrary code via
unspecified vectors.

Solution

mobileiron-cve-2020-15505

References

CVE-2020-15505
https://attackerkb.com/topics/CVE-2020-15505
URL-https://www.mobileiron.com/en/blog/mobileiron-security-updates-available
URL-https://blog.orange.tw/2020/09/how-i-hacked-facebook-again-mobileiron-mdm-rce.html
URL-https://github.com/httpvoid/CVE-Reverse/tree/master/CVE-2020-15505

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today