Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2014-8487


Vulnerability Score 4.0 4.0
CVE Id CVE-2014-8487
Last Modified 24 Feb 2015 01:40:55
Published 24 Feb 2015 10:59:01
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication SINGLE_INSTANCE



Kony Management (aka Enterprise Mobile Management or EMM) 1.2 and earlier allows remote authenticated users to read (1) arbitrary messages via the messageId parameter to selfservice/managedevice/getMessageBody or (2) requests via the requestId parameter to selfservice/devicemgmt/getDeviceInfoTab.htm.

Vulnerable Systems


  • Kony Enterprise Mobile Management 1.2


BID - 72714

BUGTRAQ - 20150222 CVE-2014-8487: Kony EMM insecurity Direct Object Reference

Last Updated: 27 May 2016 11:07:54