CVE-2014-8778

Name of the Vulnerable Software and Affected Versions Checkmarx CxSAST (formerly CxSuite) versions prior to 7.1.8

Description The issue allows remote authenticated users to bypass the CxQL sandbox protection mechanism. This is achieved by asserting the System.Security.Permissions.PermissionState.Unrestricted or System.Security.Permissions.SecurityPermissionFlag.AllFlags permission, which enables the execution of arbitrary C# code.

Recommendations For versions prior to 7.1.8, update to version 7.1.8 or later to resolve the issue. As a temporary workaround, consider restricting access to the CxQL sandbox to minimize the risk of exploitation.