Lucene search
Veracode Vulnerability DatabaseVERACODE:5949HistoryMar 20, 2018 - 2:35 a.m.
Remote Code Execution (RCE)
2018-03-2002:35:09
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
5
0.012 Low
EPSS
Percentile
85.5%
apache-syncope is vulnerable to remote code execution (RCE) attacks. A malicious administrator user can with report and template permissions can use XSL Transformations (XSLT) to inject and execute arbitrary code.
References
Related
osv
osv
CVE-2018-1321
2018-03-20 17:29:00
High severity vulnerability that affects org.apache.syncope:syncope-core
2018-11-06 23:17:27
nvd
nvd
CVE-2018-1321
2018-03-20 17:29:00
github
github
High severity vulnerability that affects org.apache.syncope:syncope-core
2018-11-06 23:17:27
prion
prion
Remote code execution
2018-03-20 17:29:00
cve
cve
CVE-2018-1321
2018-03-21 00:00:00
cvelist
cvelist
CVE-2018-1321
2018-03-21 00:00:00
zdt
zdt
Apache Syncope 2.0.7 Remote Code Execution Exploit
2018-09-15 00:00:00
f5
f5
K49033153 : Apache Syncope vulnerabilities CVE-2018-1321 and CVE-2018-1322
2018-07-17 00:00:00
exploitpack
exploitpack
Apache Syncope 2.0.7 - Remote Code Execution
2018-09-13 00:00:00
exploitdb
exploitdb
Apache Syncope 2.0.7 - Remote Code Execution
2018-09-13 00:00:00
packetstorm
packetstorm
Apache Syncope 2.0.7 Remote Code Execution
2018-09-15 00:00:00