CVSS: 6.4EPSS: 0%CPEs: 15EXPL: 0CVE-2012-5633 – apache-cxf: Bypass of security constraints on WS endpoints when using WSS4JInInterceptor
https://notcve.org/view.php?id=CVE-2012-5633
12 Mar 2013 — The URIMappingInterceptor in Apache CXF before 2.5.8, 2.6.x before 2.6.5, and 2.7.x before 2.7.2, when using the WSS4JInInterceptor, bypasses WS-Security processing, which allows remote attackers to obtain access to SOAP services via an HTTP GET request. El URIMappingInterceptor en Apache CXF anterior a v2.5.8, v2.6.x anterior a v2.6.5, y v2.7.x anterior a v2.7.2, cuando utiliza el WSS4JInInterceptor, evita el procesamiento de WS-Security, lo que permite a atacantes remotos obtener acceso a los servicios SO... • http://cxf.apache.org/cve-2012-5633.html • CWE-287: Improper Authentication •
CVSS: 4.3EPSS: 0%CPEs: 7EXPL: 0CVE-2012-2378 – apache-cxf: Certain child policies of WS-SecurityPolicy 1.1 SupportingToken policy not applied on the client side
https://notcve.org/view.php?id=CVE-2012-2378
05 Jan 2013 — Apache CXF 2.4.5 through 2.4.7, 2.5.1 through 2.5.3, and 2.6.x before 2.6.1, does not properly enforce child policies of a WS-SecurityPolicy 1.1 SupportingToken policy on the client side, which allows remote attackers to bypass the (1) AlgorithmSuite, (2) SignedParts, (3) SignedElements, (4) EncryptedParts, and (5) EncryptedElements policies. Apache CXF v2.4.5 hasta v2.4.7, v2.5.1 hasta v2.5.3, y v2.6.x anteriores a v2.6.1, no refuerza de forma adecuada las politicas hijo de un política WS-SecurityPolicy 1.... • http://cxf.apache.org/cve-2012-2378.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 10.0EPSS: 0%CPEs: 13EXPL: 0CVE-2012-2379 – apache-cxf: Apache CXF does not verify that elements were signed / encrypted by a particular Supporting Token
https://notcve.org/view.php?id=CVE-2012-2379
03 Jan 2013 — Apache CXF 2.4.x before 2.4.8, 2.5.x before 2.5.4, and 2.6.x before 2.6.1, when a Supporting Token specifies a child WS-SecurityPolicy 1.1 or 1.2 policy, does not properly ensure that an XML element is signed or encrypted, which has unspecified impact and attack vectors. Apache CXF v2.4.x antes de v2.4.8, v2.5.x antes de v2.5.4, y v2.6.x antes de v2.6.1, cuando un Supporting Token especifica una política hija WS-SecurityPolicy 1.1 o 1.2, no se aseguran de que un elemento XML está firmado o cifrado, lo que t... • http://cxf.apache.org/cve-2012-2379.html •
CVSS: 5.9EPSS: 0%CPEs: 1EXPL: 0CVE-2012-5786
https://notcve.org/view.php?id=CVE-2012-5786
04 Nov 2012 — The wsdl_first_https sample code in distribution/src/main/release/samples/wsdl_first_https/src/main/ in Apache CXF before 2.7.0 does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate. NOTE: The vendor states that the sample had specifically used a flag to bypass the DN check ** EN DISPUTA ** El código de ejemplo wsdl_firs... • http://www.cs.utexas.edu/~shmat/shmat_ccs12.pdf • CWE-20: Improper Input Validation •
CVSS: 4.3EPSS: 0%CPEs: 3EXPL: 0CVE-2012-3451 – apache-cxf: SOAPAction spoofing on document literal web services
https://notcve.org/view.php?id=CVE-2012-3451
24 Sep 2012 — Apache CXF before 2.4.9, 2.5.x before 2.5.5, and 2.6.x before 2.6.2 allows remote attackers to execute unintended web-service operations by sending a header with a SOAP Action String that is inconsistent with the message body. Apache CXF antes de v2.4.9, v2.5.x antes de v2.5.5, y v2.6.x antes de v2.6.2 permiten a tacantes remotos ejecutar operaciones de web-services no inesperadas enviando una cabecera con una cadena de acción SOAP que es inconsistente con el cuerpo del mensaje. • http://cxf.apache.org/cve-2012-3451.html • CWE-20: Improper Input Validation •
CVSS: 9.8EPSS: 1%CPEs: 3EXPL: 1CVE-2010-2076
https://notcve.org/view.php?id=CVE-2010-2076
19 Aug 2010 — Apache CXF 2.0.x before 2.0.13, 2.1.x before 2.1.10, and 2.2.x before 2.2.9, as used in Apache ServiceMix, Apache Camel, Apache Chemistry, Apache jUDDI, Apache Geronimo, and other products, does not properly reject DTDs in SOAP messages, which allows remote attackers to read arbitrary files, send HTTP requests to intranet servers, or cause a denial of service (CPU and memory consumption) via a crafted DTD, as demonstrated by an entity declaration in a request to samples/wsdl_first_pure_xml, a similar issue ... • http://geronimo.apache.org/2010/07/21/apache-geronimo-v216-released.html • CWE-829: Inclusion of Functionality from Untrusted Control Sphere •