Search criteria
9 vulnerabilities found for core by mobileiron
FKIE_CVE-2020-15507
Vulnerability from fkie_nvd - Published: 2020-07-07 02:15 - Updated: 2024-11-21 05:05
Severity ?
Summary
An arbitrary file reading vulnerability in MobileIron Core versions 10.3.0.3 and earlier, 10.4.0.0, 10.4.0.1, 10.4.0.2, 10.4.0.3, 10.5.1.0, 10.5.2.0 and 10.6.0.0 that allows remote attackers to read files on the system via unspecified vectors.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mobileiron | cloud | * | |
| mobileiron | core | * | |
| mobileiron | enterprise_connector | * | |
| mobileiron | reporting_database | * | |
| mobileiron | sentry | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mobileiron:cloud:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8C4F0B0B-388C-4B6A-B233-77269AFE887E",
"versionEndIncluding": "10.6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mobileiron:core:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3ACD8393-2E8F-4790-B142-1C41D2EA0956",
"versionEndIncluding": "10.6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mobileiron:enterprise_connector:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1F1D3A8A-BCA4-4DF8-A126-F9E10B194ED0",
"versionEndIncluding": "10.6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mobileiron:reporting_database:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0B823AB8-E08B-4A3B-BABF-3E9FB7C18B99",
"versionEndIncluding": "10.6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mobileiron:sentry:*:*:*:*:*:*:*:*",
"matchCriteriaId": "96937DB3-B17C-4718-B2D9-6219B5B10676",
"versionEndIncluding": "10.6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An arbitrary file reading vulnerability in MobileIron Core versions 10.3.0.3 and earlier, 10.4.0.0, 10.4.0.1, 10.4.0.2, 10.4.0.3, 10.5.1.0, 10.5.2.0 and 10.6.0.0 that allows remote attackers to read files on the system via unspecified vectors."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad arbitraria de lectura de archivos en MobileIron Core y Connector versiones 10.3.0.3 y anteriores, versiones 10.4.0.0, 10.4.0.1, 10.4.0.2, 10.4.0.3, 10.5.1.0, 10.5.2.0 y versi\u00f3n 10.6.0.0 que permite a atacantes remotos leer archivos sobre el sistema por medio de vectores no especificados"
}
],
"id": "CVE-2020-15507",
"lastModified": "2024-11-21T05:05:39.827",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-07-07T02:15:10.753",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://www.mobileiron.com/en/blog/mobileiron-security-updates-available"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://www.mobileiron.com/en/blog/mobileiron-security-updates-available"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.mobileiron.com/en/blog/mobileiron-security-updates-available"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.mobileiron.com/en/blog/mobileiron-security-updates-available"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2020-15506
Vulnerability from fkie_nvd - Published: 2020-07-07 02:15 - Updated: 2024-11-21 05:05
Severity ?
Summary
An authentication bypass vulnerability in MobileIron Core & Connector versions 10.3.0.3 and earlier, 10.4.0.0, 10.4.0.1, 10.4.0.2, 10.4.0.3, 10.5.1.0, 10.5.2.0 and 10.6.0.0 that allows remote attackers to bypass authentication mechanisms via unspecified vectors.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mobileiron | cloud | * | |
| mobileiron | core | * | |
| mobileiron | enterprise_connector | * | |
| mobileiron | reporting_database | * | |
| mobileiron | sentry | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mobileiron:cloud:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8C4F0B0B-388C-4B6A-B233-77269AFE887E",
"versionEndIncluding": "10.6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mobileiron:core:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3ACD8393-2E8F-4790-B142-1C41D2EA0956",
"versionEndIncluding": "10.6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mobileiron:enterprise_connector:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1F1D3A8A-BCA4-4DF8-A126-F9E10B194ED0",
"versionEndIncluding": "10.6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mobileiron:reporting_database:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0B823AB8-E08B-4A3B-BABF-3E9FB7C18B99",
"versionEndIncluding": "10.6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mobileiron:sentry:*:*:*:*:*:*:*:*",
"matchCriteriaId": "96937DB3-B17C-4718-B2D9-6219B5B10676",
"versionEndIncluding": "10.6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An authentication bypass vulnerability in MobileIron Core \u0026 Connector versions 10.3.0.3 and earlier, 10.4.0.0, 10.4.0.1, 10.4.0.2, 10.4.0.3, 10.5.1.0, 10.5.2.0 and 10.6.0.0 that allows remote attackers to bypass authentication mechanisms via unspecified vectors."
},
{
"lang": "es",
"value": "Una vulnerabilidad de omisi\u00f3n de autentificaci\u00f3n en MobileIron Core y Connector versiones 10.3.0.3 y anteriores, versiones 10.4.0.0, 10.4.0.1, 10.4.0.2, 10.4.0.3, 10.5.1.0, 10.5.2.0 y versi\u00f3n 10.6.0.0 permite a atacantes remotos omitir los mecanismos de autenticaci\u00f3n por medio de vectores no especificados"
}
],
"id": "CVE-2020-15506",
"lastModified": "2024-11-21T05:05:39.687",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-07-07T02:15:10.677",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://www.mobileiron.com/en/blog/mobileiron-security-updates-available"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://www.mobileiron.com/en/blog/mobileiron-security-updates-available"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.mobileiron.com/en/blog/mobileiron-security-updates-available"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.mobileiron.com/en/blog/mobileiron-security-updates-available"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2020-15505
Vulnerability from fkie_nvd - Published: 2020-07-07 02:15 - Updated: 2025-11-07 19:32
Severity ?
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
A remote code execution vulnerability in MobileIron Core & Connector versions 10.3.0.3 and earlier, 10.4.0.0, 10.4.0.1, 10.4.0.2, 10.4.0.3, 10.5.1.0, 10.5.2.0 and 10.6.0.0; and Sentry versions 9.7.2 and earlier, and 9.8.0; and Monitor and Reporting Database (RDB) version 2.0.0.1 and earlier that allows remote attackers to execute arbitrary code via unspecified vectors.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mobileiron | core | * | |
| mobileiron | core | * | |
| mobileiron | core | * | |
| mobileiron | core | * | |
| mobileiron | core | * | |
| mobileiron | enterprise_connector | * | |
| mobileiron | enterprise_connector | * | |
| mobileiron | enterprise_connector | * | |
| mobileiron | enterprise_connector | * | |
| mobileiron | enterprise_connector | * | |
| mobileiron | monitor_and_reporting_database | * | |
| mobileiron | sentry | * | |
| mobileiron | sentry | * |
{
"cisaActionDue": "2022-05-03",
"cisaExploitAdd": "2021-11-03",
"cisaRequiredAction": "Apply updates per vendor instructions.",
"cisaVulnerabilityName": "Ivanti MobileIron Multiple Products Remote Code Execution Vulnerability",
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mobileiron:core:*:*:*:*:*:*:*:*",
"matchCriteriaId": "85108795-4F9A-442D-AC89-7D7BD789CDE8",
"versionEndExcluding": "10.3.0.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mobileiron:core:*:*:*:*:*:*:*:*",
"matchCriteriaId": "435C14AB-8E82-4960-9707-029E78F05B7F",
"versionEndExcluding": "10.4.0.4",
"versionStartIncluding": "10.4.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mobileiron:core:*:*:*:*:*:*:*:*",
"matchCriteriaId": "42F33D03-891D-441E-9791-C30C6ACDFF52",
"versionEndExcluding": "10.5.1.1",
"versionStartIncluding": "10.5.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mobileiron:core:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ACF97F92-1F87-4999-8C2F-931FABBA808C",
"versionEndExcluding": "10.5.2.1",
"versionStartIncluding": "10.5.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mobileiron:core:*:*:*:*:*:*:*:*",
"matchCriteriaId": "224FABD4-3BEB-4B43-A56F-FDC0DB4F4A6D",
"versionEndExcluding": "10.6.0.1",
"versionStartIncluding": "10.6.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mobileiron:enterprise_connector:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8EAE4F4A-3367-478C-847B-874F5478A88C",
"versionEndExcluding": "10.3.0.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mobileiron:enterprise_connector:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E35CE2A3-27E9-4A07-B955-8566B282AD8E",
"versionEndExcluding": "10.4.0.4",
"versionStartIncluding": "10.4.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mobileiron:enterprise_connector:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D14ACC79-D792-4D49-9614-08D498663C89",
"versionEndExcluding": "10.5.1.1",
"versionStartIncluding": "10.5.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mobileiron:enterprise_connector:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E96AFC4F-59A2-48C6-A19B-37C409665A6A",
"versionEndExcluding": "10.5.2.1",
"versionStartIncluding": "10.5.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mobileiron:enterprise_connector:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3B882EB7-EF53-41A9-9C6F-206F29344BC8",
"versionEndExcluding": "10.6.0.1",
"versionStartIncluding": "10.6.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mobileiron:monitor_and_reporting_database:*:*:*:*:*:*:*:*",
"matchCriteriaId": "01885369-CE7E-40E3-903A-F7D4B123F0FA",
"versionEndExcluding": "2.0.0.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mobileiron:sentry:*:*:*:*:*:*:*:*",
"matchCriteriaId": "89E6B0D3-880D-4159-BF43-0103AC305969",
"versionEndExcluding": "9.7.3",
"versionStartIncluding": "9.7.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mobileiron:sentry:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B3AE2420-9714-456E-81DC-2464B92C1ED8",
"versionEndExcluding": "9.8.1",
"versionStartIncluding": "9.8.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A remote code execution vulnerability in MobileIron Core \u0026 Connector versions 10.3.0.3 and earlier, 10.4.0.0, 10.4.0.1, 10.4.0.2, 10.4.0.3, 10.5.1.0, 10.5.2.0 and 10.6.0.0; and Sentry versions 9.7.2 and earlier, and 9.8.0; and Monitor and Reporting Database (RDB) version 2.0.0.1 and earlier that allows remote attackers to execute arbitrary code via unspecified vectors."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de ejecuci\u00f3n de c\u00f3digo remoto en las versiones 10.3.0.3 y anteriores del MobileIron Core y Connector, versiones 10.4.0.0, 10.4.0.1, 10.4.0.2, 10.4.0.3, 10.5.1.0, 10.5.2.0 y 10.6.0.0; y las versiones 9 del Sentry. 7.2 y anteriores, y versiones 9.8.0; y Monitor and Reporting Database (RDB) versi\u00f3n 2.0.0.1 y anteriores que permite a los atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s de vectores no especificados"
}
],
"id": "CVE-2020-15505",
"lastModified": "2025-11-07T19:32:10.727",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2020-07-07T02:15:10.613",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/161097/MobileIron-MDM-Hessian-Based-Java-Deserialization-Remote-Code-Execution.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://cwe.mitre.org/data/definitions/41.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://perchsecurity.com/perch-news/cve-spotlight-mobileiron-rce-cve-2020-15505/"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://www.mobileiron.com/en/blog/mobileiron-security-updates-available"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://www.mobileiron.com/en/blog/mobileiron-security-updates-available"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/161097/MobileIron-MDM-Hessian-Based-Java-Deserialization-Remote-Code-Execution.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://cwe.mitre.org/data/definitions/41.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://perchsecurity.com/perch-news/cve-spotlight-mobileiron-rce-cve-2020-15505/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.mobileiron.com/en/blog/mobileiron-security-updates-available"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.mobileiron.com/en/blog/mobileiron-security-updates-available"
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"tags": [
"US Government Resource"
],
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2020-15505"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-706"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-706"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
CVE-2020-15505 (GCVE-0-2020-15505)
Vulnerability from cvelistv5 – Published: 2020-07-07 01:43 – Updated: 2025-10-21 23:35
VLAI?
Summary
A remote code execution vulnerability in MobileIron Core & Connector versions 10.3.0.3 and earlier, 10.4.0.0, 10.4.0.1, 10.4.0.2, 10.4.0.3, 10.5.1.0, 10.5.2.0 and 10.6.0.0; and Sentry versions 9.7.2 and earlier, and 9.8.0; and Monitor and Reporting Database (RDB) version 2.0.0.1 and earlier that allows remote attackers to execute arbitrary code via unspecified vectors.
Severity ?
9.8 (Critical)
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T13:15:20.689Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.mobileiron.com/en/blog/mobileiron-security-updates-available"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.mobileiron.com/en/blog/mobileiron-security-updates-available"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://perchsecurity.com/perch-news/cve-spotlight-mobileiron-rce-cve-2020-15505/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/161097/MobileIron-MDM-Hessian-Based-Java-Deserialization-Remote-Code-Execution.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://cwe.mitre.org/data/definitions/41.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2020-15505",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-04T19:51:44.271380Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2021-11-03",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2020-15505"
},
"type": "kev"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-706",
"description": "CWE-706 Use of Incorrectly-Resolved Name or Reference",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-21T23:35:41.248Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"government-resource"
],
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2020-15505"
}
],
"timeline": [
{
"lang": "en",
"time": "2021-11-03T00:00:00+00:00",
"value": "CVE-2020-15505 added to CISA KEV"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A remote code execution vulnerability in MobileIron Core \u0026 Connector versions 10.3.0.3 and earlier, 10.4.0.0, 10.4.0.1, 10.4.0.2, 10.4.0.3, 10.5.1.0, 10.5.2.0 and 10.6.0.0; and Sentry versions 9.7.2 and earlier, and 9.8.0; and Monitor and Reporting Database (RDB) version 2.0.0.1 and earlier that allows remote attackers to execute arbitrary code via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-07-10T20:16:14.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.mobileiron.com/en/blog/mobileiron-security-updates-available"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.mobileiron.com/en/blog/mobileiron-security-updates-available"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://perchsecurity.com/perch-news/cve-spotlight-mobileiron-rce-cve-2020-15505/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/161097/MobileIron-MDM-Hessian-Based-Java-Deserialization-Remote-Code-Execution.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://cwe.mitre.org/data/definitions/41.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-15505",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability in MobileIron Core \u0026 Connector versions 10.3.0.3 and earlier, 10.4.0.0, 10.4.0.1, 10.4.0.2, 10.4.0.3, 10.5.1.0, 10.5.2.0 and 10.6.0.0; and Sentry versions 9.7.2 and earlier, and 9.8.0; and Monitor and Reporting Database (RDB) version 2.0.0.1 and earlier that allows remote attackers to execute arbitrary code via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.mobileiron.com/en/blog/mobileiron-security-updates-available",
"refsource": "MISC",
"url": "https://www.mobileiron.com/en/blog/mobileiron-security-updates-available"
},
{
"name": "https://www.mobileiron.com/en/blog/mobileiron-security-updates-available",
"refsource": "CONFIRM",
"url": "https://www.mobileiron.com/en/blog/mobileiron-security-updates-available"
},
{
"name": "https://perchsecurity.com/perch-news/cve-spotlight-mobileiron-rce-cve-2020-15505/",
"refsource": "MISC",
"url": "https://perchsecurity.com/perch-news/cve-spotlight-mobileiron-rce-cve-2020-15505/"
},
{
"name": "http://packetstormsecurity.com/files/161097/MobileIron-MDM-Hessian-Based-Java-Deserialization-Remote-Code-Execution.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/161097/MobileIron-MDM-Hessian-Based-Java-Deserialization-Remote-Code-Execution.html"
},
{
"name": "https://cwe.mitre.org/data/definitions/41.html",
"refsource": "MISC",
"url": "https://cwe.mitre.org/data/definitions/41.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-15505",
"datePublished": "2020-07-07T01:43:52.000Z",
"dateReserved": "2020-07-02T00:00:00.000Z",
"dateUpdated": "2025-10-21T23:35:41.248Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-15506 (GCVE-0-2020-15506)
Vulnerability from cvelistv5 – Published: 2020-07-07 01:43 – Updated: 2024-08-04 13:15
VLAI?
Summary
An authentication bypass vulnerability in MobileIron Core & Connector versions 10.3.0.3 and earlier, 10.4.0.0, 10.4.0.1, 10.4.0.2, 10.4.0.3, 10.5.1.0, 10.5.2.0 and 10.6.0.0 that allows remote attackers to bypass authentication mechanisms via unspecified vectors.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T13:15:20.863Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.mobileiron.com/en/blog/mobileiron-security-updates-available"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.mobileiron.com/en/blog/mobileiron-security-updates-available"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An authentication bypass vulnerability in MobileIron Core \u0026 Connector versions 10.3.0.3 and earlier, 10.4.0.0, 10.4.0.1, 10.4.0.2, 10.4.0.3, 10.5.1.0, 10.5.2.0 and 10.6.0.0 that allows remote attackers to bypass authentication mechanisms via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-09-18T16:05:57",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.mobileiron.com/en/blog/mobileiron-security-updates-available"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.mobileiron.com/en/blog/mobileiron-security-updates-available"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-15506",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An authentication bypass vulnerability in MobileIron Core \u0026 Connector versions 10.3.0.3 and earlier, 10.4.0.0, 10.4.0.1, 10.4.0.2, 10.4.0.3, 10.5.1.0, 10.5.2.0 and 10.6.0.0 that allows remote attackers to bypass authentication mechanisms via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.mobileiron.com/en/blog/mobileiron-security-updates-available",
"refsource": "MISC",
"url": "https://www.mobileiron.com/en/blog/mobileiron-security-updates-available"
},
{
"name": "https://www.mobileiron.com/en/blog/mobileiron-security-updates-available",
"refsource": "CONFIRM",
"url": "https://www.mobileiron.com/en/blog/mobileiron-security-updates-available"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-15506",
"datePublished": "2020-07-07T01:43:13",
"dateReserved": "2020-07-02T00:00:00",
"dateUpdated": "2024-08-04T13:15:20.863Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-15507 (GCVE-0-2020-15507)
Vulnerability from cvelistv5 – Published: 2020-07-07 01:42 – Updated: 2024-08-04 13:15
VLAI?
Summary
An arbitrary file reading vulnerability in MobileIron Core versions 10.3.0.3 and earlier, 10.4.0.0, 10.4.0.1, 10.4.0.2, 10.4.0.3, 10.5.1.0, 10.5.2.0 and 10.6.0.0 that allows remote attackers to read files on the system via unspecified vectors.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T13:15:20.702Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.mobileiron.com/en/blog/mobileiron-security-updates-available"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.mobileiron.com/en/blog/mobileiron-security-updates-available"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An arbitrary file reading vulnerability in MobileIron Core versions 10.3.0.3 and earlier, 10.4.0.0, 10.4.0.1, 10.4.0.2, 10.4.0.3, 10.5.1.0, 10.5.2.0 and 10.6.0.0 that allows remote attackers to read files on the system via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-09-18T16:14:56",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.mobileiron.com/en/blog/mobileiron-security-updates-available"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.mobileiron.com/en/blog/mobileiron-security-updates-available"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-15507",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An arbitrary file reading vulnerability in MobileIron Core versions 10.3.0.3 and earlier, 10.4.0.0, 10.4.0.1, 10.4.0.2, 10.4.0.3, 10.5.1.0, 10.5.2.0 and 10.6.0.0 that allows remote attackers to read files on the system via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.mobileiron.com/en/blog/mobileiron-security-updates-available",
"refsource": "MISC",
"url": "https://www.mobileiron.com/en/blog/mobileiron-security-updates-available"
},
{
"name": "https://www.mobileiron.com/en/blog/mobileiron-security-updates-available",
"refsource": "CONFIRM",
"url": "https://www.mobileiron.com/en/blog/mobileiron-security-updates-available"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-15507",
"datePublished": "2020-07-07T01:42:44",
"dateReserved": "2020-07-02T00:00:00",
"dateUpdated": "2024-08-04T13:15:20.702Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-15505 (GCVE-0-2020-15505)
Vulnerability from nvd – Published: 2020-07-07 01:43 – Updated: 2025-10-21 23:35
VLAI?
Summary
A remote code execution vulnerability in MobileIron Core & Connector versions 10.3.0.3 and earlier, 10.4.0.0, 10.4.0.1, 10.4.0.2, 10.4.0.3, 10.5.1.0, 10.5.2.0 and 10.6.0.0; and Sentry versions 9.7.2 and earlier, and 9.8.0; and Monitor and Reporting Database (RDB) version 2.0.0.1 and earlier that allows remote attackers to execute arbitrary code via unspecified vectors.
Severity ?
9.8 (Critical)
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T13:15:20.689Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.mobileiron.com/en/blog/mobileiron-security-updates-available"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.mobileiron.com/en/blog/mobileiron-security-updates-available"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://perchsecurity.com/perch-news/cve-spotlight-mobileiron-rce-cve-2020-15505/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/161097/MobileIron-MDM-Hessian-Based-Java-Deserialization-Remote-Code-Execution.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://cwe.mitre.org/data/definitions/41.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2020-15505",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-04T19:51:44.271380Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2021-11-03",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2020-15505"
},
"type": "kev"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-706",
"description": "CWE-706 Use of Incorrectly-Resolved Name or Reference",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-21T23:35:41.248Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"government-resource"
],
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2020-15505"
}
],
"timeline": [
{
"lang": "en",
"time": "2021-11-03T00:00:00+00:00",
"value": "CVE-2020-15505 added to CISA KEV"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A remote code execution vulnerability in MobileIron Core \u0026 Connector versions 10.3.0.3 and earlier, 10.4.0.0, 10.4.0.1, 10.4.0.2, 10.4.0.3, 10.5.1.0, 10.5.2.0 and 10.6.0.0; and Sentry versions 9.7.2 and earlier, and 9.8.0; and Monitor and Reporting Database (RDB) version 2.0.0.1 and earlier that allows remote attackers to execute arbitrary code via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-07-10T20:16:14.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.mobileiron.com/en/blog/mobileiron-security-updates-available"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.mobileiron.com/en/blog/mobileiron-security-updates-available"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://perchsecurity.com/perch-news/cve-spotlight-mobileiron-rce-cve-2020-15505/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/161097/MobileIron-MDM-Hessian-Based-Java-Deserialization-Remote-Code-Execution.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://cwe.mitre.org/data/definitions/41.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-15505",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability in MobileIron Core \u0026 Connector versions 10.3.0.3 and earlier, 10.4.0.0, 10.4.0.1, 10.4.0.2, 10.4.0.3, 10.5.1.0, 10.5.2.0 and 10.6.0.0; and Sentry versions 9.7.2 and earlier, and 9.8.0; and Monitor and Reporting Database (RDB) version 2.0.0.1 and earlier that allows remote attackers to execute arbitrary code via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.mobileiron.com/en/blog/mobileiron-security-updates-available",
"refsource": "MISC",
"url": "https://www.mobileiron.com/en/blog/mobileiron-security-updates-available"
},
{
"name": "https://www.mobileiron.com/en/blog/mobileiron-security-updates-available",
"refsource": "CONFIRM",
"url": "https://www.mobileiron.com/en/blog/mobileiron-security-updates-available"
},
{
"name": "https://perchsecurity.com/perch-news/cve-spotlight-mobileiron-rce-cve-2020-15505/",
"refsource": "MISC",
"url": "https://perchsecurity.com/perch-news/cve-spotlight-mobileiron-rce-cve-2020-15505/"
},
{
"name": "http://packetstormsecurity.com/files/161097/MobileIron-MDM-Hessian-Based-Java-Deserialization-Remote-Code-Execution.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/161097/MobileIron-MDM-Hessian-Based-Java-Deserialization-Remote-Code-Execution.html"
},
{
"name": "https://cwe.mitre.org/data/definitions/41.html",
"refsource": "MISC",
"url": "https://cwe.mitre.org/data/definitions/41.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-15505",
"datePublished": "2020-07-07T01:43:52.000Z",
"dateReserved": "2020-07-02T00:00:00.000Z",
"dateUpdated": "2025-10-21T23:35:41.248Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-15506 (GCVE-0-2020-15506)
Vulnerability from nvd – Published: 2020-07-07 01:43 – Updated: 2024-08-04 13:15
VLAI?
Summary
An authentication bypass vulnerability in MobileIron Core & Connector versions 10.3.0.3 and earlier, 10.4.0.0, 10.4.0.1, 10.4.0.2, 10.4.0.3, 10.5.1.0, 10.5.2.0 and 10.6.0.0 that allows remote attackers to bypass authentication mechanisms via unspecified vectors.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T13:15:20.863Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.mobileiron.com/en/blog/mobileiron-security-updates-available"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.mobileiron.com/en/blog/mobileiron-security-updates-available"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An authentication bypass vulnerability in MobileIron Core \u0026 Connector versions 10.3.0.3 and earlier, 10.4.0.0, 10.4.0.1, 10.4.0.2, 10.4.0.3, 10.5.1.0, 10.5.2.0 and 10.6.0.0 that allows remote attackers to bypass authentication mechanisms via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-09-18T16:05:57",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.mobileiron.com/en/blog/mobileiron-security-updates-available"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.mobileiron.com/en/blog/mobileiron-security-updates-available"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-15506",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An authentication bypass vulnerability in MobileIron Core \u0026 Connector versions 10.3.0.3 and earlier, 10.4.0.0, 10.4.0.1, 10.4.0.2, 10.4.0.3, 10.5.1.0, 10.5.2.0 and 10.6.0.0 that allows remote attackers to bypass authentication mechanisms via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.mobileiron.com/en/blog/mobileiron-security-updates-available",
"refsource": "MISC",
"url": "https://www.mobileiron.com/en/blog/mobileiron-security-updates-available"
},
{
"name": "https://www.mobileiron.com/en/blog/mobileiron-security-updates-available",
"refsource": "CONFIRM",
"url": "https://www.mobileiron.com/en/blog/mobileiron-security-updates-available"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-15506",
"datePublished": "2020-07-07T01:43:13",
"dateReserved": "2020-07-02T00:00:00",
"dateUpdated": "2024-08-04T13:15:20.863Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-15507 (GCVE-0-2020-15507)
Vulnerability from nvd – Published: 2020-07-07 01:42 – Updated: 2024-08-04 13:15
VLAI?
Summary
An arbitrary file reading vulnerability in MobileIron Core versions 10.3.0.3 and earlier, 10.4.0.0, 10.4.0.1, 10.4.0.2, 10.4.0.3, 10.5.1.0, 10.5.2.0 and 10.6.0.0 that allows remote attackers to read files on the system via unspecified vectors.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T13:15:20.702Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.mobileiron.com/en/blog/mobileiron-security-updates-available"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.mobileiron.com/en/blog/mobileiron-security-updates-available"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An arbitrary file reading vulnerability in MobileIron Core versions 10.3.0.3 and earlier, 10.4.0.0, 10.4.0.1, 10.4.0.2, 10.4.0.3, 10.5.1.0, 10.5.2.0 and 10.6.0.0 that allows remote attackers to read files on the system via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-09-18T16:14:56",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.mobileiron.com/en/blog/mobileiron-security-updates-available"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.mobileiron.com/en/blog/mobileiron-security-updates-available"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-15507",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An arbitrary file reading vulnerability in MobileIron Core versions 10.3.0.3 and earlier, 10.4.0.0, 10.4.0.1, 10.4.0.2, 10.4.0.3, 10.5.1.0, 10.5.2.0 and 10.6.0.0 that allows remote attackers to read files on the system via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.mobileiron.com/en/blog/mobileiron-security-updates-available",
"refsource": "MISC",
"url": "https://www.mobileiron.com/en/blog/mobileiron-security-updates-available"
},
{
"name": "https://www.mobileiron.com/en/blog/mobileiron-security-updates-available",
"refsource": "CONFIRM",
"url": "https://www.mobileiron.com/en/blog/mobileiron-security-updates-available"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-15507",
"datePublished": "2020-07-07T01:42:44",
"dateReserved": "2020-07-02T00:00:00",
"dateUpdated": "2024-08-04T13:15:20.702Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}