CVSS: 5.8EPSS: 0%CPEs: 1EXPL: 0CVE-2012-5786
https://notcve.org/view.php?id=CVE-2012-5786
The wsdl_first_https sample code in distribution/src/main/release/samples/wsdl_first_https/src/main/ in Apache CXF before 2.7.0 does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate. NOTE: The vendor states that the sample had specifically used a flag to bypass the DN check ** EN DISPUTA ** El código de ejemplo wsdl_first_https en distribution/src/main/release/samples/wsdl_first_https/src/main/ en Apache CXF, posiblemente v2.6.0, no comprueba si el nombre del servidor coincide con un nombre de dominio en el Common Name (CN) del asunto o el campo subjectAltName del certificado X.509, lo que permite a atacantes man-in-the-middle falsificar servidores SSL a través de un certificado válido arbitrario. NOTA: El proveedor indica que la muestra había utilizado específicamente un flag para la omisión de comprobación del DN. • http://www.cs.utexas.edu/~shmat/shmat_ccs12.pdf https://exchange.xforce.ibmcloud.com/vulnerabilities/79983 • CWE-20: Improper Input Validation •
CVSS: 4.3EPSS: 0%CPEs: 3EXPL: 0CVE-2012-3451 – apache-cxf: SOAPAction spoofing on document literal web services
https://notcve.org/view.php?id=CVE-2012-3451
Apache CXF before 2.4.9, 2.5.x before 2.5.5, and 2.6.x before 2.6.2 allows remote attackers to execute unintended web-service operations by sending a header with a SOAP Action String that is inconsistent with the message body. Apache CXF antes de v2.4.9, v2.5.x antes de v2.5.5, y v2.6.x antes de v2.6.2 permiten a tacantes remotos ejecutar operaciones de web-services no inesperadas enviando una cabecera con una cadena de acción SOAP que es inconsistente con el cuerpo del mensaje. • http://cxf.apache.org/cve-2012-3451.html http://rhn.redhat.com/errata/RHSA-2012-1591.html http://rhn.redhat.com/errata/RHSA-2012-1592.html http://rhn.redhat.com/errata/RHSA-2012-1594.html http://rhn.redhat.com/errata/RHSA-2013-0256.html http://rhn.redhat.com/errata/RHSA-2013-0257.html http://rhn.redhat.com/errata/RHSA-2013-0258.html http://rhn.redhat.com/errata/RHSA-2013-0259.html http://rhn.redhat.com/errata/RHSA-2013-0726.html http://rhn.redhat. • CWE-20: Improper Input Validation •
CVSS: 10.0EPSS: 0%CPEs: 13EXPL: 0CVE-2012-2379 – apache-cxf: Apache CXF does not verify that elements were signed / encrypted by a particular Supporting Token
https://notcve.org/view.php?id=CVE-2012-2379
Apache CXF 2.4.x before 2.4.8, 2.5.x before 2.5.4, and 2.6.x before 2.6.1, when a Supporting Token specifies a child WS-SecurityPolicy 1.1 or 1.2 policy, does not properly ensure that an XML element is signed or encrypted, which has unspecified impact and attack vectors. Apache CXF v2.4.x antes de v2.4.8, v2.5.x antes de v2.5.4, y v2.6.x antes de v2.6.1, cuando un Supporting Token especifica una política hija WS-SecurityPolicy 1.1 o 1.2, no se aseguran de que un elemento XML está firmado o cifrado, lo que tiene un impacto y vectores de ataque no especificados. • http://cxf.apache.org/cve-2012-2379.html http://rhn.redhat.com/errata/RHSA-2012-1559.html http://rhn.redhat.com/errata/RHSA-2012-1573.html http://rhn.redhat.com/errata/RHSA-2012-1591.html http://rhn.redhat.com/errata/RHSA-2012-1592.html http://rhn.redhat.com/errata/RHSA-2012-1593.html http://rhn.redhat.com/errata/RHSA-2012-1594.html http://rhn.redhat.com/errata/RHSA-2013-0191.html http://rhn.redhat.com/errata/RHSA-2013-0192.html http://rhn.redhat. •
CVSS: 4.3EPSS: 0%CPEs: 7EXPL: 0CVE-2012-2378 – apache-cxf: Certain child policies of WS-SecurityPolicy 1.1 SupportingToken policy not applied on the client side
https://notcve.org/view.php?id=CVE-2012-2378
Apache CXF 2.4.5 through 2.4.7, 2.5.1 through 2.5.3, and 2.6.x before 2.6.1, does not properly enforce child policies of a WS-SecurityPolicy 1.1 SupportingToken policy on the client side, which allows remote attackers to bypass the (1) AlgorithmSuite, (2) SignedParts, (3) SignedElements, (4) EncryptedParts, and (5) EncryptedElements policies. Apache CXF v2.4.5 hasta v2.4.7, v2.5.1 hasta v2.5.3, y v2.6.x anteriores a v2.6.1, no refuerza de forma adecuada las politicas hijo de un política WS-SecurityPolicy 1.1 SupportingToken del lado del cliente, lo que permite a atacantes remotos evitar las políticas (1) AlgorithmSuite, (2) SignedParts, (3) SignedElements, (4) EncryptedParts, y (5) EncryptedElements policies. • http://cxf.apache.org/cve-2012-2378.html http://rhn.redhat.com/errata/RHSA-2012-1591.html http://rhn.redhat.com/errata/RHSA-2012-1592.html http://rhn.redhat.com/errata/RHSA-2012-1594.html http://secunia.com/advisories/51607 http://svn.apache.org/viewvc?view=revision&revision=1337150 http://www.securityfocus.com/bid/53880 https://lists.apache.org/thread.html/r36e44ffc1a9b365327df62cdfaabe85b9a5637de102cea07d79b2dbf%40%3Ccommits.cxf.apache.org%3E https://lists.apache.org/thread.html/rc7742781358 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 9.8EPSS: 3%CPEs: 2EXPL: 0CVE-2012-0803
https://notcve.org/view.php?id=CVE-2012-0803
The WS-SP UsernameToken policy in Apache CXF 2.4.5 and 2.5.1 allows remote attackers to bypass authentication by sending an empty UsernameToken as part of a SOAP request. La política WS-SP UsernameToken en Apache CXF 2.4.5 y 2.5.1 permite que atacantes remotos eludan la autenticación mediante el envío de un UsernameToken vacío como parte de una petición SOAP. • http://marc.info/?l=full-disclosure&m=132861746008002 http://svn.apache.org/viewvc?view=revision&revision=1233457 https://lists.apache.org/thread.html/r36e44ffc1a9b365327df62cdfaabe85b9a5637de102cea07d79b2dbf%40%3Ccommits.cxf.apache.org%3E https://lists.apache.org/thread.html/rc774278135816e7afc943dc9fc78eb0764f2c84a2b96470a0187315c%40%3Ccommits.cxf.apache.org%3E https://lists.apache.org/thread.html/rd49aabd984ed540c8ff7916d4d79405f3fa311d2fdbcf9ed307839a6%40%3Ccommits.cxf.apache.org%3E https://lists.apache.org/thread.html/rec7160382badd3ef4ad017a22f64a266c7188b9ba71394f0 • CWE-287: Improper Authentication •