Vulnerability: Command Injection in Ivanti MobileIron Core's 'install rpm url' Command
CVE-2021-3198 · HIGH Severity
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
By abusing the 'install rpm url' command, an attacker can escape the restricted clish shell on affected versions of Ivanti MobileIron Core. This issue was fixed in version 11.1.0.0.
Learn more about our Mobile App Penetration Testing.