CVE-2014-0111

EPSS 1.42% · P81 Updated Feb 21, 2026

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2014-0111

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

Apache Syncope 1.0.0 before 1.0.9 and 1.1.0 before 1.1.7 allows remote administrators to execute arbitrary Java code via vectors related to Apache Commons JEXL expressions, "derived schema definition," "user / role templates," and "account links of resource mappings."

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

Apache Syncope 代码注入漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Apache Syncope是美国阿帕奇（Apache）软件基金会的一套用于企业环境中的开源数字身份管理系统。该系统支持身份管理、角色配置等。 Apache Syncope 1.0.0至1.0.8版本和1.1.0至1.1.6版本的Apache Commons JEXL表达式（derived schema definition，user / role templates，account links of resource mappings）中存在安全漏洞。远程攻击者可利用该漏洞执行任意Java代码。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2014-0111

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2014-0111

请登录查看更多情报信息。

http://syncope.apache.org/security.htmlx_refsource_CONFIRM
http://www.securityfocus.com/archive/1/531841/100/0/threadedmailing-listx_refsource_BUGTRAQ
http://mail-archives.us.apache.org/mod_mbox/www-announce/201404.mbox/%3C534CE273.9020601%40apache.org%3Emailing-listx_refsource_MLIST
https://nvd.nist.gov/vuln/detail/CVE-2014-0111

Same Patch Batch · n/a · 2014-04-17 · 20 CVEs total

CVE-2014-0984		SAP Router ‘passwordCheck’函数信息泄露漏洞
CVE-2014-0645		EMC Cloud Tiering Appliance 信任管理漏洞
CVE-2014-0644		EMC Cloud Tiering Appliance XML外部实体注入漏洞
CVE-2014-2880		Oracle Identity Manager 开放重定向漏洞
CVE-2014-2879		Dell SonicWALL Email Security 跨站脚本漏洞
CVE-2014-2707		Apple cups-filters 任意命令执行漏洞
CVE-2014-2469		Oracle Solaris 拒绝服务漏洞
CVE-2014-2310		Net-SNMP 输入验证漏洞
CVE-2014-1933		Python Image Library和Pillow 权限许可和访问控制漏洞
CVE-2014-1932		Python Image Library和Pillow 后置链接漏洞
CVE-2014-2391		Open-Xchange AppSuite 信息泄露漏洞
CVE-2014-0085		Apache Zookeeper 信任管理漏洞
CVE-2014-0071		Red Hat OpenStack 权限许可和访问控制漏洞
CVE-2014-0054		Vmware Spring Framework 跨站请求伪造漏洞
CVE-2014-0036		rbovirt gem for Ruby 加密问题漏洞
CVE-2013-2143		Katello和Red Hat Satellite 输入验证错误漏洞
CVE-2011-3154		Ubuntu Update Manager敏感信息泄露漏洞
CVE-2014-2393		Open-Xchange AppSuite 跨站脚本漏洞
CVE-2014-2392		Open-Xchange AppSuite 信息泄露漏洞

IV. Related Vulnerabilities

Same product: n/a

Same vendor: n/a

V. Comments for CVE-2014-0111

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2014-0111

I. Basic Information for CVE-2014-0111

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2014-0111

III. Intelligence Information for CVE-2014-0111

Same Patch Batch · n/a · 2014-04-17 · 20 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2014-0111

Leave a comment