MobileIron Log4Shell RCE

Description

Due to vulnerabilities in Log4j library used by MobileIron, an unauthenticated attacker can leak sensitive information or execute arbitrary code on the system.

Remediation

Upgrade to the latest version of MobileIron

References

Security Bulletin:CVE-2021-44228: MobileIron Remote code injection in Log4j

Related Vulnerabilities

PHP version older than 5.2.1

WordPress Plugin Groundhogg-Marketing Automation & CRM for WordPress Remote Code Execution (1.3.4)

WordPress Plugin wSecure Lite Remote Code Execution (2.3)

Oracle Weblogic Async Component Deserialization RCE CVE-2019-2725

MoinMoin CVE-2012-6081 multiple arbitrary code execution vulnerabilities

Severity

High

Classification

CVE-2021-44228 CWE-78 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:A