Lucene search
ApacheCVELIST:CVE-2018-1322HistoryMar 21, 2018 - 12:00 a.m.
CVE-2018-1322
2018-03-2100:00:00
apache
www.cve.org
An administrator with user search entitlements in Apache Syncope 1.2.x before 1.2.11, 2.0.x before 2.0.8, and unsupported releases 1.0.x and 1.1.x which may be also affected, can recover sensitive security values using the fiql and orderby parameters.
CNA Affected
[
{
"product": "Apache Syncope",
"vendor": "Apache Software Foundation",
"versions": [
{
"status": "affected",
"version": "Releases prior to 1.2.11, Releases prior to 2.0.8"
},
{
"status": "affected",
"version": "The unsupported Releases 1.0.x, 1.1.x may be also affected."
}
]
}
]Related
cve
cve
CVE-2018-1322
2018-03-21 00:00:00
nvd
nvd
CVE-2018-1322
2018-03-20 17:29:00
github
github
osv
osv
Exposure of Sensitive Information to an Unauthorized Actor in Apache syncope-cope
2018-11-06 23:17:25
CVE-2018-1322
2018-03-20 17:29:00
veracode
veracode
Information Disclosure
2018-03-20 08:09:08
prion
prion
Design/Logic Flaw
2018-03-20 17:29:00
exploitpack
exploitpack
Apache Syncope 2.0.7 - Remote Code Execution
2018-09-13 00:00:00
f5
f5
K49033153 : Apache Syncope vulnerabilities CVE-2018-1321 and CVE-2018-1322
2018-07-17 00:00:00
packetstorm
packetstorm
Apache Syncope 2.0.7 Remote Code Execution
2018-09-15 00:00:00
exploitdb
exploitdb
Apache Syncope 2.0.7 - Remote Code Execution
2018-09-13 00:00:00