CVE-2013-7287
https://notcve.org/view.php?id=CVE-2013-7287
MobileIron VSP < 5.9.1 and Sentry < 5.0 has an insecure encryption scheme. MobileIron VSP versiones anteriores a 5.9.1 y Sentry versiones anteriores a 5.0, presentan un esquema de cifrado no seguro. • http://seclists.org/fulldisclosure/2014/Apr/21 https://www.securityfocus.com/archive/1/531713 • CWE-326: Inadequate Encryption Strength •
CVE-2014-1409 – MobileIron VSP / Sentry Authentication Bypass
https://notcve.org/view.php?id=CVE-2014-1409
MobileIron VSP versions prior to 5.9.1 and Sentry versions prior to 5.0 have an authentication bypass vulnerability due to an XML file with obfuscated passwords MobileIron VSP versiones anteriores a la versión 5.9.1 y Sentry versiones anteriores a la versión 5.0, tienen una vulnerabilidad de omisión de autenticación debido a un archivo XML con contraseñas ofuscadas. MobileIron VSP versions prior to 5.9.1 and Sentry versions prior to 5.0 suffer from password obfuscation and XPath injection vulnerabilities. • http://seclists.org/fulldisclosure/2014/Apr/21 https://exchange.xforce.ibmcloud.com/vulnerabilities/92351 https://packetstormsecurity.com/files/cve/CVE-2014-1409 • CWE-91: XML Injection (aka Blind XPath Injection) •