MobileIron VSP < 5.9.1 and Sentry < 5.0 has an insecure encryption scheme.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HMobileiron Sentry
APPMobileiron< 5.0Mobileiron Virtual Smartphone Platform
APPMobileiron< 5.9.1
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
Related vulnerabilities
CVE-2020-15505CRITICAL9.8⚠ KEVten sam produkt
A remote code execution vulnerability in MobileIron Core & Connector versions 10.3.0.3 and earlier, 10.4.0.0, ...
CVE-2020-15506CRITICAL9.8ten sam produkt
An authentication bypass vulnerability in MobileIron Core & Connector versions 10.3.0.3 and earlier, 10.4.0.0,...
CVE-2014-1409CRITICAL9.1ten sam produkt
MobileIron VSP versions prior to 5.9.1 and Sentry versions prior to 5.0 have an authentication bypass vulnerab...
CVE-2020-15507HIGH7.5ten sam produkt
An arbitrary file reading vulnerability in MobileIron Core versions 10.3.0.3 and earlier, 10.4.0.0, 10.4.0.1, ...
CVE-2020-35138CRITICAL9.8ten sam vendor
The MobileIron agents through 2021-03-22 for Android and iOS contain a hardcoded encryption key, used to encry...