Description

Due to vulnerabilities in Log4j library used by MobileIron, an unauthenticated attacker can leak sensitive information or execute arbitrary code on the system.

Remediation

Upgrade to the latest version of MobileIron

References

Security Bulletin:CVE-2021-44228: MobileIron Remote code injection in Log4j

Related Vulnerabilities

WordPress Plugin Photo Gallery, Images, Slider in Rbs Image Gallery Remote Code Execution (2.0.14)

Sonicwall SMA 100 Unintended proxy (CVE-2021-20042)

PHP-CGI remote code execution

Adobe Commerce/Magento "CosmicSting" XXE (CVE-2024-34102)

WordPress Plugin Gutenberg Block Editor Toolkit-EditorsKit Remote Code Execution (1.31.5)

Severity

High

Classification

CVE-2021-44228 CWE-78 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:A

Tags

Acumonitor Code Execution