CVE-2014-0111
Description
Apache Syncope 1.0.0 before 1.0.9 and 1.1.0 before 1.1.7 allows remote administrators to execute arbitrary Java code via vectors related to Apache Commons JEXL expressions, derived schema definition, user / role templates, and account links of resource mappings.
Risk Information
Base Score
8.6
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C
EPSS Score
Exploitation Probability
1.067
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Vulnerabilities CVE-2014-0111 are fixed in Apache - syncope 1.0.9 | Windows |
| Vulnerabilities CVE-2014-0111 are fixed in Apache - syncope 1.1.7 | Windows |
| Vulnerabilities CVE-2014-0111 are fixed in Apache - syncope for Linux 1.0.9 | Linux |
| Vulnerabilities CVE-2014-0111 are fixed in Apache - syncope for Linux 1.1.7 | Linux |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234