← Zuruck zu CVEs
CVE-2014-1409
CRITICAL9.1
Beschreibung
MobileIron VSP versions prior to 5.9.1 and Sentry versions prior to 5.0 have an authentication bypass vulnerability due to an XML file with obfuscated passwords
CVE Details
CVSS v3.1 Bewertung9.1
SchweregradCRITICAL
CVSS VektorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
AngriffsvektorNETWORK
KomplexitatLOW
Erforderliche PrivilegienNONE
BenutzerinteraktionNONE
Veroffentlicht1/8/2020
Zuletzt geandert11/21/2024
Quellenvd
Honeypot-Sichtungen0
Betroffene Produkte
mobileiron:sentrymobileiron:virtual_smartphone_platform
Schwachen (CWE)
CWE-91
Referenzen
http://seclists.org/fulldisclosure/2014/Apr/21(cve@mitre.org)
https://exchange.xforce.ibmcloud.com/vulnerabilities/92351(cve@mitre.org)
https://packetstormsecurity.com/files/cve/CVE-2014-1409(cve@mitre.org)
http://seclists.org/fulldisclosure/2014/Apr/21(af854a3a-2127-422b-91ae-364da2661108)
https://exchange.xforce.ibmcloud.com/vulnerabilities/92351(af854a3a-2127-422b-91ae-364da2661108)
https://packetstormsecurity.com/files/cve/CVE-2014-1409(af854a3a-2127-422b-91ae-364da2661108)
IOC Korrelationen
Keine Korrelationen erfasst
This product uses data from the NVD API but is not endorsed or certified by the NVD.