CVE-2020-15507

An arbitrary file reading vulnerability in MobileIron Core versions 10.3.0.3 and earlier, 10.4.0.0, 10.4.0.1, 10.4.0.2, 10.4.0.3, 10.5.1.0, 10.5.2.0 and 10.6.0.0 that allows remote attackers to read files on the system via unspecified vectors.

Published: Jul 7, 2020
Updated: Apr 13, 2023
CVE: CVE-2020-15507
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 7.5
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CVSS v2:

Severity: Medium
Score: 5
AV:N/AC:L/Au:N/C:P/I:N/A:N

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
mobileiron / reporting_database	-	10.6.x
mobileiron / enterprise_connector	-	10.6.x
mobileiron / cloud	-	10.6.x
mobileiron / sentry	-	10.6.x
mobileiron / core	-	10.6.x

https://www.mobileiron.com/en/blog/mobileiron-security-updates-available

Vulnerability Database

289,782

CVE-2020-15507