Vulnerabilities > CVE-2020-15506 - Unspecified vulnerability in Mobileiron products

CVSS 9.8 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

mobileiron

critical

NVD

Published: 2020-07-07

Updated: 2021-07-21

Summary

An authentication bypass vulnerability in MobileIron Core & Connector versions 10.3.0.3 and earlier, 10.4.0.0, 10.4.0.1, 10.4.0.2, 10.4.0.3, 10.5.1.0, 10.5.2.0 and 10.6.0.0 that allows remote attackers to bypass authentication mechanisms via unspecified vectors.

Vulnerable Configurations

Part	Description	Count
Application	Mobileiron Mobileiron Reporting Database - Mobileiron Reporting Database 10.6 Mobileiron Enterprise Connector - Mobileiron Enterprise Connector 10.3.0.3 Mobileiron Enterprise Connector 10.3.0.4 Mobileiron Enterprise Connector 10.4.0.0 Mobileiron Enterprise Connector 10.4.0.1 Mobileiron Enterprise Connector 10.4.0.2 Mobileiron Enterprise Connector 10.4.0.3 Mobileiron Enterprise Connector 10.4.0.4 Mobileiron Enterprise Connector 10.5.1.0 Mobileiron Enterprise Connector 10.5.1.1 Mobileiron Enterprise Connector 10.5.2.0 Mobileiron Enterprise Connector 10.5.2.1 Mobileiron Enterprise Connector 10.6 Mobileiron Cloud - Mobileiron Cloud 10.6 Mobileiron Sentry - Mobileiron Sentry 9.7.0 Mobileiron Sentry 9.7.2 Mobileiron Sentry 9.7.3 Mobileiron Sentry 9.8 Mobileiron Sentry 9.8.0 Mobileiron Sentry 9.8.1 Mobileiron Sentry 10.6 Mobileiron Core - Mobileiron Core 10.3.0.3 Mobileiron Core 10.3.0.4 Mobileiron Core 10.4.0.0 Mobileiron Core 10.4.0.1 Mobileiron Core 10.4.0.2 Mobileiron Core 10.4.0.3 Mobileiron Core 10.4.0.4 Mobileiron Core 10.5.1.0 Mobileiron Core 10.5.1.1 Mobileiron Core 10.5.2.0 Mobileiron Core 10.5.2.1 Mobileiron Core 10.6	38

References

https://www.mobileiron.com/en/blog/mobileiron-security-updates-available