Back to search
CVE-2014-0111
Published: Apr 17, 2014
Modified: Aug 6, 2024
PUBLISHED
Description
Apache Syncope 1.0.0 before 1.0.9 and 1.1.0 before 1.1.7 allows remote administrators to execute arbitrary Java code via vectors related to Apache Commons JEXL expressions, "derived schema definition," "user / role templates," and "account links of resource mappings."
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
[www-announce] 20140415 [SECURITY] CVE-2014-0111 Apache Syncope
mailing-list
x_refsource_MLIST
http://syncope.apache.org/security.html
x_refsource_CONFIRM
20140415 [SECURITY] CVE-2014-0111 Apache Syncope
mailing-list
x_refsource_BUGTRAQ
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now