CVSS: 7.8EPSS: 0%CPEs: 26EXPL: 1CVE-2012-5575 – apache-cxf: XML encryption backwards compatibility attacks
https://notcve.org/view.php?id=CVE-2012-5575
20 May 2013 — Apache CXF 2.5.x before 2.5.10, 2.6.x before CXF 2.6.7, and 2.7.x before CXF 2.7.4 does not verify that a specified cryptographic algorithm is allowed by the WS-SecurityPolicy AlgorithmSuite definition before decrypting, which allows remote attackers to force CXF to use weaker cryptographic algorithms than intended and makes it easier to decrypt communications, aka "XML Encryption backwards compatibility attack." Apache CXF en versiones 2.5.x anteriores a la 2.5.10, 2.6.x anteriores a CXF 2.6.7 y 2.7.x ante... • https://github.com/tafamace/CVE-2012-5575 • CWE-310: Cryptographic Issues CWE-327: Use of a Broken or Risky Cryptographic Algorithm •
CVSS: 6.4EPSS: 0%CPEs: 26EXPL: 0CVE-2013-0239 – apache-cxf: UsernameTokenPolicyValidator and UsernameTokenInterceptor allow empty passwords to authenticate
https://notcve.org/view.php?id=CVE-2013-0239
12 Mar 2013 — Apache CXF before 2.5.9, 2.6.x before 2.6.6, and 2.7.x before 2.7.3, when the plaintext UsernameToken WS-SecurityPolicy is enabled, allows remote attackers to bypass authentication via a security header of a SOAP request containing a UsernameToken element that lacks a password child element. Apache CXF anterior a v2.5.9, v2.6.x anterior a v2.6.6, y v2.7.x anterior a v2.7.3, cuando está activado sernameToken WS-SecurityPolicy en texto plano, permite a atacantes remotos evitar la autenticación a través de una... • http://cxf.apache.org/cve-2013-0239.html • CWE-287: Improper Authentication •
CVSS: 6.4EPSS: 0%CPEs: 15EXPL: 0CVE-2012-5633 – apache-cxf: Bypass of security constraints on WS endpoints when using WSS4JInInterceptor
https://notcve.org/view.php?id=CVE-2012-5633
12 Mar 2013 — The URIMappingInterceptor in Apache CXF before 2.5.8, 2.6.x before 2.6.5, and 2.7.x before 2.7.2, when using the WSS4JInInterceptor, bypasses WS-Security processing, which allows remote attackers to obtain access to SOAP services via an HTTP GET request. El URIMappingInterceptor en Apache CXF anterior a v2.5.8, v2.6.x anterior a v2.6.5, y v2.7.x anterior a v2.7.2, cuando utiliza el WSS4JInInterceptor, evita el procesamiento de WS-Security, lo que permite a atacantes remotos obtener acceso a los servicios SO... • http://cxf.apache.org/cve-2012-5633.html • CWE-287: Improper Authentication •
CVSS: 4.3EPSS: 0%CPEs: 7EXPL: 0CVE-2012-2378 – apache-cxf: Certain child policies of WS-SecurityPolicy 1.1 SupportingToken policy not applied on the client side
https://notcve.org/view.php?id=CVE-2012-2378
05 Jan 2013 — Apache CXF 2.4.5 through 2.4.7, 2.5.1 through 2.5.3, and 2.6.x before 2.6.1, does not properly enforce child policies of a WS-SecurityPolicy 1.1 SupportingToken policy on the client side, which allows remote attackers to bypass the (1) AlgorithmSuite, (2) SignedParts, (3) SignedElements, (4) EncryptedParts, and (5) EncryptedElements policies. Apache CXF v2.4.5 hasta v2.4.7, v2.5.1 hasta v2.5.3, y v2.6.x anteriores a v2.6.1, no refuerza de forma adecuada las politicas hijo de un política WS-SecurityPolicy 1.... • http://cxf.apache.org/cve-2012-2378.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 10.0EPSS: 0%CPEs: 13EXPL: 0CVE-2012-2379 – apache-cxf: Apache CXF does not verify that elements were signed / encrypted by a particular Supporting Token
https://notcve.org/view.php?id=CVE-2012-2379
03 Jan 2013 — Apache CXF 2.4.x before 2.4.8, 2.5.x before 2.5.4, and 2.6.x before 2.6.1, when a Supporting Token specifies a child WS-SecurityPolicy 1.1 or 1.2 policy, does not properly ensure that an XML element is signed or encrypted, which has unspecified impact and attack vectors. Apache CXF v2.4.x antes de v2.4.8, v2.5.x antes de v2.5.4, y v2.6.x antes de v2.6.1, cuando un Supporting Token especifica una política hija WS-SecurityPolicy 1.1 o 1.2, no se aseguran de que un elemento XML está firmado o cifrado, lo que t... • http://cxf.apache.org/cve-2012-2379.html •
CVSS: 5.9EPSS: 0%CPEs: 1EXPL: 0CVE-2012-5786
https://notcve.org/view.php?id=CVE-2012-5786
04 Nov 2012 — The wsdl_first_https sample code in distribution/src/main/release/samples/wsdl_first_https/src/main/ in Apache CXF before 2.7.0 does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate. NOTE: The vendor states that the sample had specifically used a flag to bypass the DN check ** EN DISPUTA ** El código de ejemplo wsdl_firs... • http://www.cs.utexas.edu/~shmat/shmat_ccs12.pdf • CWE-20: Improper Input Validation •
CVSS: 4.3EPSS: 0%CPEs: 3EXPL: 0CVE-2012-3451 – apache-cxf: SOAPAction spoofing on document literal web services
https://notcve.org/view.php?id=CVE-2012-3451
24 Sep 2012 — Apache CXF before 2.4.9, 2.5.x before 2.5.5, and 2.6.x before 2.6.2 allows remote attackers to execute unintended web-service operations by sending a header with a SOAP Action String that is inconsistent with the message body. Apache CXF antes de v2.4.9, v2.5.x antes de v2.5.5, y v2.6.x antes de v2.6.2 permiten a tacantes remotos ejecutar operaciones de web-services no inesperadas enviando una cabecera con una cadena de acción SOAP que es inconsistente con el cuerpo del mensaje. • http://cxf.apache.org/cve-2012-3451.html • CWE-20: Improper Input Validation •