Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).
Severity: 7.2 HIGH
EPSS: 6.4% (top 8.97%)
CISA KEV: Not in KEV
Exploit: PoC available (public exploit / PoC code exists)
Timeline: published Mar 20, latest update Feb 17

Description

An administrator with report and template entitlements in Apache Syncope 1.2.x before 1.2.11 and 2.0.x before 2.0.8 (the unsupported 1.0.x and 1.1.x releases may also be affected) can use XSL Transformations (XSLT) to perform malicious operations, including but not limited to file read, file write, and code execution. XSLT 1.0 on its own has no file or process primitives; these effects come from the XSLT processor's extension-function support (stylesheet-level calls into Java), so the exposure is a property of how the processor is configured, not of the template language. The high privilege requirement (PR:H in the vector below) is why an otherwise full-impact issue scores 7.2 rather than higher: the attacker must already hold an administrative entitlement, but with it the outcome is compromise of the host running Syncope.
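As an added illustration (not Syncope's code and not the published exploit), the Java program below shows the pattern behind the description: a report template compiled by a permissive javax.xml.transform.TransformerFactory can call arbitrary Java methods through the Xalan/XSLTC extension namespace, while a factory with FEATURE_SECURE_PROCESSING enabled rejects such a template before it runs. The template, the report data and the class and method names are constructed for this example; the template only reads a JVM system property so that it is harmless, but the same namespace reaches java.io.File or java.lang.Runtime. The behaviour described is that of the JDK's built-in processor: a standalone Xalan or Saxon factory may reject the ACCESS_EXTERNAL_* attributes with IllegalArgumentException, and a JDK whose defaults already disable extension functions will reject the template in both runs.

```java
import java.io.StringReader;
import java.io.StringWriter;
import javax.xml.XMLConstants;
import javax.xml.transform.Transformer;
import javax.xml.transform.TransformerConfigurationException;
import javax.xml.transform.TransformerException;
import javax.xml.transform.TransformerFactory;
import javax.xml.transform.stream.StreamResult;
import javax.xml.transform.stream.StreamSource;

/**
 * Added example (not Apache Syncope code): why an uploaded report template must
 * not be compiled by a permissive TransformerFactory, and what the hardened
 * configuration looks like.
 */
public class XsltTemplateHardening {

    // Constructed stand-in for an attacker-supplied report template. It is
    // deliberately harmless (it only reads a JVM system property), but it uses
    // the Xalan "java" extension namespace through which a template author can
    // call any static method on the classpath, java.lang.Runtime included.
    static final String HOSTILE_TEMPLATE =
        "<xsl:stylesheet version=\"1.0\""
        + " xmlns:xsl=\"http://www.w3.org/1999/XSL/Transform\""
        + " xmlns:sys=\"http://xml.apache.org/xalan/java/java.lang.System\">"
        + "  <xsl:output method=\"text\"/>"
        + "  <xsl:template match=\"/\">"
        + "    <xsl:value-of select=\"sys:getProperty('java.version')\"/>"
        + "  </xsl:template>"
        + "</xsl:stylesheet>";

    // Constructed report data; the hostile template ignores it.
    static final String REPORT_DATA = "<report/>";

    /** Factory as a default installation gets it: extension functions allowed. */
    static TransformerFactory permissiveFactory() {
        return TransformerFactory.newInstance();
    }

    /**
     * Hardened factory. FEATURE_SECURE_PROCESSING makes the JDK processor refuse
     * extension functions at stylesheet compile time; the ACCESS_EXTERNAL_*
     * attributes (JAXP 1.5) stop a stylesheet from pulling in DTDs or other
     * stylesheets from the file system or network. setFeature throws a checked
     * TransformerConfigurationException and setAttribute an unchecked
     * IllegalArgumentException if the installed processor does not support them,
     * which is the behaviour you want: fail closed rather than run unprotected.
     */
    static TransformerFactory hardenedFactory() throws TransformerConfigurationException {
        TransformerFactory tf = TransformerFactory.newInstance();
        tf.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true);
        tf.setAttribute(XMLConstants.ACCESS_EXTERNAL_DTD, "");
        tf.setAttribute(XMLConstants.ACCESS_EXTERNAL_STYLESHEET, "");
        return tf;
    }

    /** Compiles the template with the given factory and applies it to the data. */
    static String render(TransformerFactory tf, String template, String data)
            throws TransformerException {
        Transformer t = tf.newTransformer(new StreamSource(new StringReader(template)));
        StringWriter out = new StringWriter();
        t.transform(new StreamSource(new StringReader(data)), new StreamResult(out));
        return out.toString();
    }

    /** Runs one factory against the hostile template and reports what happened. */
    static void run(String label, TransformerFactory tf) {
        try {
            String output = render(tf, HOSTILE_TEMPLATE, REPORT_DATA);
            System.out.println(label + ": template accepted, Java call result = " + output);
        } catch (TransformerException e) {
            // TransformerConfigurationException (compile-time rejection) is a subclass.
            System.out.println(label + ": template rejected: " + e.getMessage());
        }
    }

    public static void main(String[] args) {
        run("permissive", permissiveFactory());
        try {
            run("hardened", hardenedFactory());
        } catch (TransformerConfigurationException e) {
            System.out.println("hardened: factory does not support secure processing: " + e.getMessage());
        }
    }
}
```

With a JDK that still enables extension functions by default, the permissive run prints the JVM version that the template extracted, and the hardened run prints the compile-time rejection. In an application that accepts templates from entitled users, the hardened factory is the minimum; validating uploaded templates for extension namespaces and document()/xsl:include references before they are stored is a reasonable second layer.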

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Exploitability subscore: 1.2 | Impact subscore: 5.9

Affected Packages (3)

NVD: apache/syncope, introduced 1.2.0, fixed 1.2.11
Maven: org.apache.syncope:syncope-core, introduced 2.0.0, fixed 2.0.8
CVEListV5: apache_software_foundation/apache_syncope, releases prior to 1.2.11; releases prior to 2.0.8; the unsupported releases 1.0.x and 1.1.x may also be affected

Vulnerability Details
OSV: High severity vulnerability that affects org.apache.syncope:syncope-core (2018-11-06)

Exploits & PoCs

Exploit-DB: Apache Syncope 2.0.7 - Remote Code Execution (2018-09-13)

CVE-2018-1321 (HIGH, CVSS 7.2) | cvebase.io