7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.008 Low
EPSS
Percentile
78.7%
IBM Security Guardium has fixed this vulnerability.
CVEID:CVE-2014-0107
**DESCRIPTION:**Apache Xalan-Java could allow a remote attacker to bypass security restrictions, caused by the improper handling of output properties. An attacker could exploit this vulnerability to bypass the secure processing feature to load arbitrary restricted classes.
CVSS Base score: 5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/92023 for the current score.
CVSS Vector: (AV:N/AC:L/Au:N/C:N/I:P/A:N)
Affected Product(s) | Version(s) |
---|---|
IBM Security Guardium | 11.0 |
IBM Security Guardium| 11.1
None
CPE | Name | Operator | Version |
---|---|---|---|
ibm security guardium | eq | 11.0 | |
ibm security guardium | eq | 11.1 |