Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
- EPSS 1.94%
- Published 11.07.2014 14:55:04
- Last modified 12.04.2025 10:46:40
Apache Syncope 1.1.x before 1.1.8 uses weak random values to generate passwords, which makes it easier for remote attackers to guess the password via a brute force attack.
6.5
CVE-2014-0111
- EPSS 1.07%
- Published 17.04.2014 14:55:06
- Last modified 12.04.2025 10:46:40
Apache Syncope 1.0.0 before 1.0.9 and 1.1.0 before 1.1.7 allows remote administrators to execute arbitrary Java code via vectors related to Apache Commons JEXL expressions, "derived schema definition," "user / role templates," and "account links of r...