Vulnerabilities > Mobileiron > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-03-29 | CVE-2020-35137 | Use of Hard-coded Credentials vulnerability in Mobileiron Mobile@Work The MobileIron agents through 2021-03-22 for Android and iOS contain a hardcoded API key, used to communicate with the MobileIron SaaS discovery API, as demonstrated by Mobile@Work (aka com.mobileiron). | 7.5 |
2020-07-07 | CVE-2020-15506 | Improper Authentication vulnerability in Mobileiron products An authentication bypass vulnerability in MobileIron Core & Connector versions 10.3.0.3 and earlier, 10.4.0.0, 10.4.0.1, 10.4.0.2, 10.4.0.3, 10.5.1.0, 10.5.2.0 and 10.6.0.0 that allows remote attackers to bypass authentication mechanisms via unspecified vectors. | 7.5 |