Show filters
4 Total Results
Displaying 1-4 of 4
Sort by:
Attacker Value
Very High

CVE-2023-38035

Disclosure Date: August 21, 2023 (last updated October 08, 2023)
A security vulnerability in MICS Admin Portal in Ivanti MobileIron Sentry versions 9.18.0 and below, which may allow an attacker to bypass authentication controls on the administrative interface due to an insufficiently restrictive Apache HTTPD configuration.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
3
1
Attacker Value
Unknown

CVE-2021-3540

Disclosure Date: June 02, 2021 (last updated February 23, 2025)
By abusing the 'install rpm info detail' command, an attacker can escape the restricted clish shell on affected versions of Ivanti MobileIron Core. This issue was fixed in version 11.1.0.0.
Attack Vector: NetworkPrivileges: HighUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2021-3198

Disclosure Date: June 02, 2021 (last updated February 23, 2025)
By abusing the 'install rpm url' command, an attacker can escape the restricted clish shell on affected versions of Ivanti MobileIron Core. This issue was fixed in version 11.1.0.0.
Attack Vector: NetworkPrivileges: HighUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2013-7286

Disclosure Date: February 12, 2020 (last updated February 21, 2025)
MobileIron VSP < 5.9.1 and Sentry < 5.0 has a weak password obfuscation algorithm
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0