CVE-2021-3540

High

By abusing the 'install rpm info detail' command, an attacker can escape the restricted clish shell on affected versions of Ivanti…

rapid7·CWE-88·Published 2021-07-22

CVSS

7.2

EPSS

0.03

KEV

Exploits

cve.orgen

189 chars

By abusing the 'install rpm info detail' command, an attacker can escape the restricted clish shell on affected versions of Ivanti MobileIron Core. This issue was fixed in version 11.1.0.0.

NVDen

189 chars

By abusing the 'install rpm info detail' command, an attacker can escape the restricted clish shell on affected versions of Ivanti MobileIron Core. This issue was fixed in version 11.1.0.0.

NVDes

205 chars

Al abusar del comando "install rpm info detail", un atacante puede escapar del shell clish restringido en las versiones afectadas de Ivanti MobileIron Core. Este problema fue corrregido en versión 11.1.0.0

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	9.0	8.0	10.0	AV:N/AC:L/Au:S/C:C/I:C/A:C
3.1	Primary	NVD	7.2	1.2	5.9	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H