CVE-2014-3540

Published: 01 May 2014
Source: redhat
CVSS2: 7.5

Description

No description is available for this CVE.

Report

MITRE has rejected this CVE ID, favoring the use of CVE-2014-0114. This flaw was the root cause of CVE-2014-0114, a flaw in Apache Struts 1 that could lead to unauthenticated remote code execution under certain conditions. Other frameworks built on commons-beanutils, such as Apache Stripes, are likely to expose similar issues. commons-beanutils 1.9.2 has now shipped, including a specialized BeanIntrospector implementation that allows suppressing properties. Frameworks built on commons-beanutils can make use of the new pre-configured SuppressPropertiesBeanIntrospector to address this flaw.
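The mitigation described above, as an added example that is not code from Red Hat or the commons-beanutils project: it registers the pre-configured `SuppressPropertiesBeanIntrospector.SUPPRESS_CLASS` on a `PropertyUtilsBean` and checks whether the `class` property is still visible to introspection. The `AccountForm` bean and the helper names are hypothetical; commons-beanutils 1.9.2 or later is assumed on the classpath.

```java
import org.apache.commons.beanutils.BeanUtilsBean;
import org.apache.commons.beanutils.ConvertUtilsBean;
import org.apache.commons.beanutils.PropertyUtilsBean;
import org.apache.commons.beanutils.SuppressPropertiesBeanIntrospector;

import java.util.Collections;

public class SuppressClassPropertyExample {

    // Hypothetical form bean standing in for an object a framework binds request data to.
    public static class AccountForm {
        private String owner;
        public String getOwner() { return owner; }
        public void setOwner(String owner) { this.owner = owner; }
    }

    // Builds a BeanUtilsBean whose introspection results no longer contain "class".
    // The suppressing introspector is appended after the default one, so it removes
    // the descriptor that the default introspector discovered via getClass().
    static BeanUtilsBean hardenedBeanUtils() {
        PropertyUtilsBean propertyUtils = new PropertyUtilsBean();
        propertyUtils.addBeanIntrospector(SuppressPropertiesBeanIntrospector.SUPPRESS_CLASS);
        return new BeanUtilsBean(new ConvertUtilsBean(), propertyUtils);
    }

    // True if property resolution on this bean can still reach the "class" property.
    static boolean exposesClass(PropertyUtilsBean propertyUtils, Object bean) throws Exception {
        return propertyUtils.getPropertyDescriptor(bean, "class") != null;
    }

    public static void main(String[] args) throws Exception {
        AccountForm form = new AccountForm();

        // Library defaults; the result depends on the commons-beanutils version in use.
        PropertyUtilsBean defaults = new PropertyUtilsBean();
        System.out.println("default exposes 'class':  " + exposesClass(defaults, form));

        // Explicitly hardened instance: "class" is suppressed regardless of the defaults.
        BeanUtilsBean hardened = hardenedBeanUtils();
        System.out.println("hardened exposes 'class': "
                + exposesClass(hardened.getPropertyUtils(), form));

        // Ordinary properties still bind through the hardened instance.
        hardened.populate(form, Collections.singletonMap("owner", "alice"));
        System.out.println("owner = " + form.getOwner());
    }
}
```

A framework has to route its own binding calls through the hardened instance; code that keeps calling a separately configured `PropertyUtilsBean` is not covered by this change.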

Additional information

Status:

Important
https://bugzilla.redhat.com/show_bug.cgi?id=1116665
commons-beanutils: 'class' property is exposed, potentially leading to RCE

7.5 High

CVSS2

Related vulnerabilities

nvd
more than 11 years ago

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2014-0114. Reason: This candidate is a duplicate of CVE-2014-0114. CVE abstraction content decisions did not require a second ID. Notes: All CVE users should reference CVE-2014-0114 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage

7.5 High

CVSS2