Security Advisory

CVE-2014-0111

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2014-04-17 14:00:00

Last updated 2024-08-06 09:05:38

Assigner redhat

State PUBLISHED

Description

Apache Syncope 1.0.0 before 1.0.9 and 1.1.0 before 1.1.7 allows remote administrators to execute arbitrary Java code via vectors related to Apache Commons JEXL expressions, "derived schema definition," "user / role templates," and "account links of resource mappings."

← Browse all CVEs View on cve.org ↗