Vulnerabilities > Mobileiron > Virtual Smartphone Platform > Critical

DATE CVE VULNERABILITY TITLE RISK
2020-02-13 CVE-2013-7287 Inadequate Encryption Strength vulnerability in Mobileiron Sentry and Virtual Smartphone Platform
MobileIron VSP < 5.9.1 and Sentry < 5.0 has an insecure encryption scheme.
network
low complexity
mobileiron CWE-326
critical
 9.8
9.8
2020-01-08 CVE-2014-1409 XML Injection (aka Blind XPath Injection) vulnerability in Mobileiron Sentry and Virtual Smartphone Platform
MobileIron VSP versions prior to 5.9.1 and Sentry versions prior to 5.0 have an authentication bypass vulnerability due to an XML file with obfuscated passwords
network
low complexity
mobileiron CWE-91
critical
 9.1
9.1