Vulnerabilities > Mobileiron > High

DATE CVE VULNERABILITY TITLE RISK
2021-03-29 CVE-2020-35137 Use of Hard-coded Credentials vulnerability in Mobileiron Mobile@Work
The MobileIron agents through 2021-03-22 for Android and iOS contain a hardcoded API key, used to communicate with the MobileIron SaaS discovery API, as demonstrated by Mobile@Work (aka com.mobileiron).
network
low complexity
mobileiron CWE-798
7.5
2020-07-07 CVE-2020-15506 Improper Authentication vulnerability in Mobileiron products
An authentication bypass vulnerability in MobileIron Core & Connector versions 10.3.0.3 and earlier, 10.4.0.0, 10.4.0.1, 10.4.0.2, 10.4.0.3, 10.5.1.0, 10.5.2.0 and 10.6.0.0 that allows remote attackers to bypass authentication mechanisms via unspecified vectors.
network
low complexity
mobileiron CWE-287
7.5