VYPR
High severityNVD Advisory· Published Jan 25, 2014· Updated Jun 17, 2026

CVE-2014-1202

CVE-2014-1202

Description

The WSDL/WADL import functionality in SoapUI before 4.6.4 allows remote attackers to execute arbitrary Java code via a crafted request parameter in a WSDL file.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
com.smartbear.soapui:soapuiMaven
< 4.6.44.6.4

Affected products

18
  • Eviware/Soapui6 versions
    cpe:2.3:a:eviware:soapui:2.5.1:*:*:*:*:*:*:*+ 5 more
    • cpe:2.3:a:eviware:soapui:2.5.1:*:*:*:*:*:*:*
    • cpe:2.3:a:eviware:soapui:3.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:eviware:soapui:3.5:*:*:*:*:*:*:*
    • cpe:2.3:a:eviware:soapui:3.5.1:*:*:*:*:*:*:*
    • cpe:2.3:a:eviware:soapui:3.6:*:*:*:*:*:*:*
    • cpe:2.3:a:eviware:soapui:3.6.1:*:*:*:*:*:*:*
  • Smartbear/Soapui11 versions
    cpe:2.3:a:smartbear:soapui:*:*:*:*:*:*:*:*+ 10 more
    • cpe:2.3:a:smartbear:soapui:*:*:*:*:*:*:*:*range: <=4.6.3
    • cpe:2.3:a:smartbear:soapui:4.0:*:*:*:*:*:*:*
    • cpe:2.3:a:smartbear:soapui:4.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:smartbear:soapui:4.0:beta1:*:*:*:*:*:*
    • cpe:2.3:a:smartbear:soapui:4.0:beta2:*:*:*:*:*:*
    • cpe:2.3:a:smartbear:soapui:4.5:*:*:*:*:*:*:*
    • cpe:2.3:a:smartbear:soapui:4.5.1:*:*:*:*:*:*:*
    • cpe:2.3:a:smartbear:soapui:4.5.2:*:*:*:*:*:*:*
    • cpe:2.3:a:smartbear:soapui:4.6.0:*:*:*:*:*:*:*
    • cpe:2.3:a:smartbear:soapui:4.6.1:*:*:*:*:*:*:*
    • cpe:2.3:a:smartbear:soapui:4.6.2:*:*:*:*:*:*:*
  • ghsa-coords
    Range: < 4.6.4

Patches

Vulnerability mechanics

References

8

News mentions

0

No linked articles in our index yet.