VYPR

Synapse

by Apache

Source repositories

CVEs (1)

  • CVE-2017-15708CriDec 11, 2017
    risk 0.65cvss 9.8epss 0.18

    In Apache Synapse, by default no authentication is required for Java Remote Method Invocation (RMI). So Apache Synapse 3.0.1 or all previous releases (3.0.0, 2.1.0, 2.0.0, 1.2, 1.1.2, 1.1.1) allows remote code execution attacks that can be performed by injecting specially…