CVE-2012-3451
apache-cxf: SOAPAction spoofing on document literal web services
- Public Exploits: 0
- Exploited in Wild: -
- Decision: -
Descriptions
Apache CXF before 2.4.9, 2.5.x before 2.5.5, and 2.6.x before 2.6.2 allows remote attackers to execute unintended web-service operations by sending a header with a SOAP Action String that is inconsistent with the message body.
JBoss Enterprise SOA Platform is the next-generation ESB and business process automation infrastructure. JBoss Enterprise SOA Platform allows IT to leverage existing, modern, and future integration methodologies to dramatically improve business process execution speed and quality.

This roll up patch serves as a cumulative upgrade for JBoss Enterprise SOA Platform 5.3.1. It includes various bug fixes. The following security issues are also fixed with this release:

If web services were deployed using Apache CXF with the WSS4JInInterceptor enabled to apply WS-Security processing, HTTP GET requests to these services were always granted access, without applying authentication checks. The URIMappingInterceptor is a legacy mechanism for allowing REST-like access to simple SOAP services. A remote attacker could use this flaw to access the REST-like interface of a simple SOAP service using GET requests that bypass the security constraints applied by WSS4JInInterceptor. This flaw was only exploitable if WSS4JInInterceptor was used to apply WS-Security processing. Services that use WS-SecurityPolicy to apply security were not affected.
CVSS Scores
SSVC
- Decision: -
Timeline
- 2012-06-14 CVE Reserved
- 2012-09-20 CVE Published
- 2024-08-06 CVE Updated
- 2025-05-30 EPSS Updated
- Exploited in Wild: -
- KEV Due Date: -
- First Exploit: -
CWE
- CWE-20: Improper Input Validation
CAPEC
References (22)
URL | Date | SRC
---|---|---
http://svn.apache.org/viewvc?view=revision&revision=1368559 | 2023-02-13 |
http://cxf.apache.org/cve-2012-3451.html | 2023-02-13 |
http://rhn.redhat.com/errata/RHSA-2012-1591.html | 2023-02-13 |
http://rhn.redhat.com/errata/RHSA-2012-1592.html | 2023-02-13 |
http://rhn.redhat.com/errata/RHSA-2012-1594.html | 2023-02-13 |
http://rhn.redhat.com/errata/RHSA-2013-0256.html | 2023-02-13 |
http://rhn.redhat.com/errata/RHSA-2013-0257.html | 2023-02-13 |
http://rhn.redhat.com/errata/RHSA-2013-0258.html | 2023-02-13 |
http://rhn.redhat.com/errata/RHSA-2013-0259.html | 2023-02-13 |
http://rhn.redhat.com/errata/RHSA-2013-0726.html | 2023-02-13 |
http://rhn.redhat.com/errata/RHSA-2013-0743.html | 2023-02-13 |
https://bugzilla.redhat.com/show_bug.cgi?id=851896 | 2013-04-15 |
https://access.redhat.com/security/cve/CVE-2012-3451 | 2013-04-15 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status
---|---|---|---|---
Apache | Cxf | < 2.4.9 | - | Affected
Apache | Cxf | >= 2.5.0 < 2.5.5 | - | Affected
Apache | Cxf | >= 2.6.0 < 2.6.2 | - | Affected