cbcvebase.

Mobileiron Sentry vulnerabilities

5 known vulnerabilities affecting mobileiron/sentry.

Total CVEs
5
CISA KEV
1
actively exploited
Public exploits
1
Exploited in wild
1
Severity breakdown
CRITICAL4HIGH1

Vulnerabilities

Page 1 of 1
CVE-2020-15505P1CRITICALCVSS 9.8KEVPoC≥ 9.7.0, < 9.7.3≥ 9.8.0, < 9.8.12020-07-07
CVE-2020-15505 [CRITICAL] CWE-706 CVE-2020-15505: A remote code execution vulnerability in MobileIron Core & Connector versions 10.3.0.3 and earlier, A remote code execution vulnerability in MobileIron Core & Connector versions 10.3.0.3 and earlier, 10.4.0.0, 10.4.0.1, 10.4.0.2, 10.4.0.3, 10.5.1.0, 10.5.2.0 and 10.6.0.0; and Sentry versions 9.7.2 and earlier, and 9.8.0; and Monitor and Reporting Database (RDB) version 2.0.0.1 and earlier that allows remote attackers to execute arbitrary code via
nvd
CVE-2014-1409P2CRITICALCVSS 9.1fixed in 5.02020-01-08
CVE-2014-1409 [CRITICAL] CWE-91 CVE-2014-1409: MobileIron VSP versions prior to 5.9.1 and Sentry versions prior to 5.0 have an authentication bypas MobileIron VSP versions prior to 5.9.1 and Sentry versions prior to 5.0 have an authentication bypass vulnerability due to an XML file with obfuscated passwords
nvd
CVE-2020-15506P3CRITICALCVSS 9.8≤ 10.62020-07-07
CVE-2020-15506 [CRITICAL] CVE-2020-15506: An authentication bypass vulnerability in MobileIron Core & Connector versions 10.3.0.3 and earlier, An authentication bypass vulnerability in MobileIron Core & Connector versions 10.3.0.3 and earlier, 10.4.0.0, 10.4.0.1, 10.4.0.2, 10.4.0.3, 10.5.1.0, 10.5.2.0 and 10.6.0.0 that allows remote attackers to bypass authentication mechanisms via unspecified vectors.
nvd
CVE-2020-15507P3HIGHCVSS 7.5≤ 10.62020-07-07
CVE-2020-15507 [HIGH] CVE-2020-15507: An arbitrary file reading vulnerability in MobileIron Core versions 10.3.0.3 and earlier, 10.4.0.0, An arbitrary file reading vulnerability in MobileIron Core versions 10.3.0.3 and earlier, 10.4.0.0, 10.4.0.1, 10.4.0.2, 10.4.0.3, 10.5.1.0, 10.5.2.0 and 10.6.0.0 that allows remote attackers to read files on the system via unspecified vectors.
nvd
CVE-2013-7287P3CRITICALCVSS 9.8fixed in 5.02020-02-13
CVE-2013-7287 [CRITICAL] CWE-326 CVE-2013-7287: MobileIron VSP < 5.9.1 and Sentry < 5.0 has an insecure encryption scheme. MobileIron VSP < 5.9.1 and Sentry < 5.0 has an insecure encryption scheme.
nvd
Mobileiron Sentry vulnerabilities | cvebase