CVSS: 5.3EPSS: 0%CPEs: 4EXPL: 0CVE-2014-3623 – CXF: Improper security semantics enforcement of SAML SubjectConfirmation methods
https://notcve.org/view.php?id=CVE-2014-3623
30 Oct 2014 — Apache WSS4J before 1.6.17 and 2.x before 2.0.2, as used in Apache CXF 2.7.x before 2.7.13 and 3.0.x before 3.0.2, when using TransportBinding, does not properly enforce the SAML SubjectConfirmation method security semantics, which allows remote attackers to conduct spoofing attacks via unspecified vectors. Apache WSS4J anterior a versión 1.6.17 y versiones 2.x anteriores a 2.0.2, tal y como es usado en Apache CXF versiones 2.7.x anteriores a 2.7.13 y versiones 3.0.x anteriores a 3.0.2, cuando se usa Transp... • http://rhn.redhat.com/errata/RHSA-2015-0236.html • CWE-287: Improper Authentication CWE-347: Improper Verification of Cryptographic Signature •
CVSS: 5.3EPSS: 1%CPEs: 11EXPL: 0CVE-2014-3584 – CXF: Denial of Service (DoS) via invalid JAX-RS SAML tokens
https://notcve.org/view.php?id=CVE-2014-3584
30 Oct 2014 — The SamlHeaderInHandler in Apache CXF before 2.6.11, 2.7.x before 2.7.8, and 3.0.x before 3.0.1 allows remote attackers to cause a denial of service (infinite loop) via a crafted SAML token in the authorization header of a request to a JAX-RS service. SamlHeaderInHandler en Apache CXF anterior a 2.6.11, 2.7.x anterior a 2.7.8, y 3.0.x anterior a 3.0.1 permite a atacantes remotos causar una denegación de servicio (bucle infinito) a través de un token SAML manipulado en la cabecera de autorización de una soli... • http://cxf.apache.org/security-advisories.data/CVE-2014-3584.txt.asc • CWE-399: Resource Management Errors CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 4.3EPSS: 0%CPEs: 25EXPL: 0CVE-2014-0035 – CXF: UsernameTokens are sent in plaintext with a Symmetric EncryptBeforeSigning policy
https://notcve.org/view.php?id=CVE-2014-0035
26 Jun 2014 — The SymmetricBinding in Apache CXF before 2.6.13 and 2.7.x before 2.7.10, when EncryptBeforeSigning is enabled and the UsernameToken policy is set to an EncryptedSupportingToken, transmits the UsernameToken in cleartext, which allows remote attackers to obtain sensitive information by sniffing the network. SymmetricBinding en Apache CXF anterior a 2.6.13 y 2.7.x anterior a 2.7.10, cuando EncryptBeforeSigning está habilitado y la política UsernameToken está configurada en un EncryptedSupportingToken, transmi... • http://cxf.apache.org/security-advisories.data/CVE-2014-0035.txt.asc • CWE-310: Cryptographic Issues CWE-522: Insufficiently Protected Credentials •
CVSS: 4.3EPSS: 0%CPEs: 23EXPL: 0CVE-2014-0034 – CXF: The SecurityTokenService accepts certain invalid SAML Tokens as valid
https://notcve.org/view.php?id=CVE-2014-0034
26 Jun 2014 — The SecurityTokenService (STS) in Apache CXF before 2.6.12 and 2.7.x before 2.7.9 does not properly validate SAML tokens when caching is enabled, which allows remote attackers to gain access via an invalid SAML token. SecurityTokenService (STS) en Apache CXF anterior a 2.6.12 y 2.7.x anterior a 2.7.9 no valida debidamente los tokens SAML cuando el cacheo está habilitado, lo que permite a atacantes remotos ganar acceso a través de un token SAML inválido. It was found that the SecurityTokenService (STS), prov... • http://cxf.apache.org/security-advisories.data/CVE-2014-0034.txt.asc • CWE-20: Improper Input Validation CWE-345: Insufficient Verification of Data Authenticity •
CVSS: 4.3EPSS: 0%CPEs: 43EXPL: 0CVE-2014-0109 – CXF: HTML content posted to SOAP endpoint could cause OOM errors
https://notcve.org/view.php?id=CVE-2014-0109
08 May 2014 — Apache CXF before 2.6.14 and 2.7.x before 2.7.11 allows remote attackers to cause a denial of service (memory consumption) via a large request with the Content-Type set to text/html to a SOAP endpoint, which triggers an error. Apache CXF anterior a 2.6.14 y 2.7.x anterior a 2.7.11 permite a atacantes remotos causar una denegación de servicio (consumo de memoria) a través de una solicitud grande con la configuración Content-Type hacia text/html hacia un endpoint SOAP, lo que provoca un error. A denial of ser... • http://rhn.redhat.com/errata/RHSA-2014-1351.html • CWE-399: Resource Management Errors CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 4.3EPSS: 0%CPEs: 43EXPL: 0CVE-2014-0110 – CXF: Large invalid content could cause temporary space to fill
https://notcve.org/view.php?id=CVE-2014-0110
08 May 2014 — Apache CXF before 2.6.14 and 2.7.x before 2.7.11 allows remote attackers to cause a denial of service (/tmp disk consumption) via a large invalid SOAP message. Apache CXF anterior a 2.6.14 y 2.7.x anterior a 2.7.11 permite a atacantes remotos causar una denegación de servicio (consumo de disco /tmp) a través de un mensaje SOAP grande inválido. It was found that when a large invalid SOAP message was processed by Apache CXF, it could be saved to a temporary file in the /tmp directory. A remote attacker could ... • http://cxf.apache.org/security-advisories.data/CVE-2014-0110.txt.asc?version=1&modificationDate=1398873378628&api=v2 • CWE-399: Resource Management Errors CWE-400: Uncontrolled Resource Consumption •
CVSS: 5.3EPSS: 3%CPEs: 21EXPL: 2CVE-2013-2160 – Apache CXF < 2.5.10/2.6.7/2.7.4 - Denial of Service
https://notcve.org/view.php?id=CVE-2013-2160
09 Jul 2013 — The streaming XML parser in Apache CXF 2.5.x before 2.5.10, 2.6.x before 2.6.7, and 2.7.x before 2.7.4 allows remote attackers to cause a denial of service (CPU and memory consumption) via crafted XML with a large number of (1) elements, (2) attributes, (3) nested constructs, and possibly other vectors. El analizador de secuencias XML en Apache CXF versiones 2.5.x anteriores a 2.5.10, versiones 2.6.x anteriores a 2.6.7 y versiones 2.7.x anteriores a 2.7.4, permite a los atacantes remotos causar una denegaci... • https://packetstorm.news/files/id/122337 • CWE-399: Resource Management Errors •
CVSS: 7.8EPSS: 0%CPEs: 12EXPL: 0CVE-2011-2487 – jbossws: Prone to Bleichenbacher attack against to be distributed symmetric key
https://notcve.org/view.php?id=CVE-2011-2487
18 Jun 2013 — The implementations of PKCS#1 v1.5 key transport mechanism for XMLEncryption in JBossWS and Apache WSS4J before 1.6.5 is susceptible to a Bleichenbacher attack. Las implementaciones del mecanismo de transporte de claves PKCS#1 versión v1.5 para XMLEncryption en JBossWS y Apache WSS4J versiones anteriores a 1.6.5, son susceptibles a un ataque de tipo Bleichenbacher A flaw was found in JBoss web services where the services used a weak symmetric encryption protocol, PKCS#1 v1.5. An attacker could use this weak... • http://cxf.apache.org/note-on-cve-2011-2487.html • CWE-327: Use of a Broken or Risky Cryptographic Algorithm •
CVSS: 7.8EPSS: 0%CPEs: 26EXPL: 1CVE-2012-5575 – apache-cxf: XML encryption backwards compatibility attacks
https://notcve.org/view.php?id=CVE-2012-5575
20 May 2013 — Apache CXF 2.5.x before 2.5.10, 2.6.x before CXF 2.6.7, and 2.7.x before CXF 2.7.4 does not verify that a specified cryptographic algorithm is allowed by the WS-SecurityPolicy AlgorithmSuite definition before decrypting, which allows remote attackers to force CXF to use weaker cryptographic algorithms than intended and makes it easier to decrypt communications, aka "XML Encryption backwards compatibility attack." Apache CXF en versiones 2.5.x anteriores a la 2.5.10, 2.6.x anteriores a CXF 2.6.7 y 2.7.x ante... • https://github.com/tafamace/CVE-2012-5575 • CWE-310: Cryptographic Issues CWE-327: Use of a Broken or Risky Cryptographic Algorithm •
CVSS: 6.4EPSS: 0%CPEs: 26EXPL: 0CVE-2013-0239 – apache-cxf: UsernameTokenPolicyValidator and UsernameTokenInterceptor allow empty passwords to authenticate
https://notcve.org/view.php?id=CVE-2013-0239
12 Mar 2013 — Apache CXF before 2.5.9, 2.6.x before 2.6.6, and 2.7.x before 2.7.3, when the plaintext UsernameToken WS-SecurityPolicy is enabled, allows remote attackers to bypass authentication via a security header of a SOAP request containing a UsernameToken element that lacks a password child element. Apache CXF anterior a v2.5.9, v2.6.x anterior a v2.6.6, y v2.7.x anterior a v2.7.3, cuando está activado sernameToken WS-SecurityPolicy en texto plano, permite a atacantes remotos evitar la autenticación a través de una... • http://cxf.apache.org/cve-2013-0239.html • CWE-287: Improper Authentication •