Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The MobileIron agents through 2021-03-22 for Android and iOS contain a hardcoded API key, used to communicate with the MobileIron SaaS discovery API, as demonstrated by Mobile@Work (aka com.mobileiron). The key is in com/mobileiron/registration/RegisterActivity.java and can be used for api/v1/gateway/customers/servers requests. NOTE: Vendor states that this is an opt-in feature to the product - it is not enabled by default and customers cannot enable it without an explicit email to support. At this time, they do not plan change to make any changes to this feature.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
MobileIron agents 信任管理问题漏洞
Vulnerability Description
MobileIron agents是美国思可信(MobileIron)公司的一个应用软件。用于MobileIron代理。 MobileIron agents 2021-03-22之前版本存在信任管理问题漏洞,该漏洞源于包含一个硬编码的API密钥,用于与MobileIron SaaS发现API进行通信。
CVSS Information
N/A
Vulnerability Type
N/A