First published: Tue Jul 07 2020(Updated: )
An authentication bypass vulnerability in MobileIron Core & Connector versions 10.3.0.3 and earlier, 10.4.0.0, 10.4.0.1, 10.4.0.2, 10.4.0.3, 10.5.1.0, 10.5.2.0 and 10.6.0.0 that allows remote attackers to bypass authentication mechanisms via unspecified vectors.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Mobileiron Cloud | <=10.6 | |
MobileIron Core | <=10.6 | |
Mobileiron Enterprise Connector | <=10.6 | |
Mobileiron Reporting Database | <=10.6 | |
Mobileiron Sentry | <=10.6 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The severity of CVE-2020-15506 is critical, with a severity value of 9.8.
MobileIron Core & Connector versions 10.3.0.3 and earlier, 10.4.0.0, 10.4.0.1, 10.4.0.2, 10.4.0.3, 10.5.1.0, 10.5.2.0 and 10.6.0.0 are affected by CVE-2020-15506.
Remote attackers can exploit CVE-2020-15506 by bypassing authentication mechanisms through unspecified vectors.
Yes, MobileIron has released security updates to address CVE-2020-15506. Users should update to the latest patched versions.
More information about CVE-2020-15506 can be found on the MobileIron website: https://www.mobileiron.com/en/blog/mobileiron-security-updates-available