← Voltar para CVEs
CVE-2014-1409
CRITICAL9.1
Descricao
MobileIron VSP versions prior to 5.9.1 and Sentry versions prior to 5.0 have an authentication bypass vulnerability due to an XML file with obfuscated passwords
Detalhes CVE
Pontuacao CVSS v3.19.1
SeveridadeCRITICAL
Vetor CVSSCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
Vetor de ataqueNETWORK
ComplexidadeLOW
Privilegios necessariosNONE
Interacao do usuarioNONE
Publicado1/8/2020
Ultima modificacao11/21/2024
Fontenvd
Avistamentos honeypot0
Produtos afetados
mobileiron:sentrymobileiron:virtual_smartphone_platform
Fraquezas (CWE)
CWE-91
Referencias
http://seclists.org/fulldisclosure/2014/Apr/21(cve@mitre.org)
https://exchange.xforce.ibmcloud.com/vulnerabilities/92351(cve@mitre.org)
https://packetstormsecurity.com/files/cve/CVE-2014-1409(cve@mitre.org)
http://seclists.org/fulldisclosure/2014/Apr/21(af854a3a-2127-422b-91ae-364da2661108)
https://exchange.xforce.ibmcloud.com/vulnerabilities/92351(af854a3a-2127-422b-91ae-364da2661108)
https://packetstormsecurity.com/files/cve/CVE-2014-1409(af854a3a-2127-422b-91ae-364da2661108)
Correlacoes IOC
Sem correlacoes registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.