CVEs-PoC/2021/CVE-2021-3198.md

### [CVE-2021-3198](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3198)
![](https://img.shields.io/static/v1?label=Product&message=MobileIron%20Core&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=10.7.0.1-9%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=11.0.0.1-3%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-78%20OS%20Command%20Injection&color=brightgreen)

### Description

By abusing the 'install rpm url' command, an attacker can escape the restricted clish shell on affected versions of Ivanti MobileIron Core. This issue was fixed in version 11.1.0.0.

### POC

#### Reference
- https://www.rapid7.com/blog/post/2021/06/02/untitled-cve-2021-3198-and-cve-2021-3540-mobileiron-shell-escape-privilege-escalation-vulnerabilities/

#### Github
No PoCs found on GitHub currently.