Lucene search
RootSSV:62214HistoryApr 17, 2014 - 12:00 a.m.
Apache Syncope特制Commons JEXL表达式远程代码执行漏洞
2014-04-1700:00:00
Root
www.seebug.org
60
0.002 Low
EPSS
Percentile
62.2%
CVE ID:CVE-2014-0111
Apache Syncope是用在企业环境的数字身份管理,在JEE技术的实施和Apache 2.0许可下发布的开源系统。
Apache Syncope处理特制的Apache Commons JEXL表达式存在安全漏洞,允许通过验证的远程攻击者通过运行Apache Syncope core的JEE container来执行任意代码。
0
Apache Syncope 1.0.0
Apache Syncope 1.0.8
Apache Syncope 1.1.0
Apache Syncope 1.1.6
Apache Syncope 1.0.9, 1.1.7版本已修复该漏洞,建议用户下载使用:
http://syncope.apache.org/
Related
nvd
nvd
CVE-2014-0111
2014-04-17 14:55:06
osv
osv
Apache Syncope JEXL Code Injection
2022-05-14 01:18:38
github
github
Apache Syncope JEXL Code Injection
2022-05-14 01:18:38
securityvulns
securityvulns
[SECURITY] CVE-2014-0111 Apache Syncope
2014-05-04 00:00:00
prion
prion
Code injection
2014-04-17 14:55:00
cve
cve
CVE-2014-0111
2014-04-17 14:55:06
cvelist
cvelist
CVE-2014-0111
2014-04-17 14:00:00