CVE-2021-3540

Published: Jul 22, 2021Modified: Nov 21, 2024

7.2

Vector

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Exploitability: 1.2 / Impact: 5.9

Source: NVD

Description

By abusing the 'install rpm info detail' command, an attacker can escape the restricted clish shell on affected versions of Ivanti MobileIron Core. This issue was fixed in version 11.1.0.0.

Affected (2)

Products: Ivanti: Mobileiron

Ivanti

1 product

Mobileiron

Configuration A

2 vulnerable

Vulnerable Software	Affected Versions
Ivanti Mobileiron	Up to 10.7.0.1-9
Ivanti Mobileiron	From 11.0.0.0 to 11.1.0.0

Related CWEs

CWE-88

Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')

The product constructs a string for a command to be executed by a separate component in another control sphere, but it does not properly delimit the intended arguments, options, or switches within that command string.

References (2)

https://www.rapid7.com/blog/post/2021/06/02/untitled-cve-2021-3198-and-cve-2021-3540-mobileiron-shell-escape-privilege-escalation-vulnerabilities/

Source: cve@rapid7.com

ExploitThird Party Advisory

https://www.rapid7.com/blog/post/2021/06/02/untitled-cve-2021-3198-and-cve-2021-3540-mobileiron-shell-escape-privilege-escalation-vulnerabilities/

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitThird Party Advisory

Timeline

No history available yet.