CVE-2012-5575

apache-cxf: XML encryption backwards compatibility attacks

Severity Score

6.5

*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

Apache CXF 2.5.x before 2.5.10, 2.6.x before CXF 2.6.7, and 2.7.x before CXF 2.7.4 does not verify that a specified cryptographic algorithm is allowed by the WS-SecurityPolicy AlgorithmSuite definition before decrypting, which allows remote attackers to force CXF to use weaker cryptographic algorithms than intended and makes it easier to decrypt communications, aka "XML Encryption backwards compatibility attack."

Apache CXF en versiones 2.5.x anteriores a la 2.5.10, 2.6.x anteriores a CXF 2.6.7 y 2.7.x anteriores a CXF 2.7.4 no verifica que un algoritmo criptográfico específico esté permitido por la definición de WS-SecurityPolicy AlgorithmSuite antes del descifrado, lo que permite a los atacantes remotos forzar a CXF a usar algoritmos criptográficos más débiles que los previstos y facilita el descifrado de las comunicaciones. Esto también se conoce como "XML Encryption backwards compatibility attack".

Red Hat JBoss SOA Platform is the next-generation ESB and business process automation infrastructure. Red Hat JBoss SOA Platform allows IT to leverage existing, modern, and future integration methodologies to dramatically improve business process execution speed and quality. This roll up patch serves as a cumulative upgrade for Red Hat JBoss SOA Platform 5.3.1. It includes various bug fixes. The following security issue is also fixed with this release: XML encryption backwards compatibility attacks were found against various frameworks, including Apache CXF. An attacker could force a server to use insecure, legacy cryptosystems, even when secure cryptosystems were enabled on endpoints. By forcing the use of legacy cryptosystems, flaws such as CVE-2011-1096 and CVE-2011-2487 would be exposed, allowing plain text to be recovered from cryptograms and symmetric keys. This issue affected both the JBoss Web Services CXF and JBoss Web Services Native stacks.

*Credits: N/A

CVSS Scores

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

Low

Integrity

Low

Availability

None

Attack Vector

Network

Attack Complexity

Low

Authentication

None

Confidentiality

Partial

Integrity

Partial

Availability

None

Attack Vector

Network

Attack Complexity

Low

Authentication

None

Confidentiality

Complete

Integrity

None

Availability

None

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2012-10-24 CVE Reserved
2013-05-20 CVE Published
2018-11-19 First Exploit
2024-08-06 CVE Updated
2025-04-03 EPSS Updated
---------- Exploited in Wild
---------- KEV Due Date

CWE

CWE-310: Cryptographic Issues
CWE-327: Use of a Broken or Risky Cryptographic Algorithm

CAPEC

References (23)

URL	Tag	Source
http://cxf.apache.org/cve-2012-5575.html	X_refsource_confirm
http://www.nds.ruhr-uni-bochum.de/research/publications/backwards-compatibility	X_refsource_misc
http://www.securityfocus.com/bid/60043	Vdb Entry
https://lists.apache.org/thread.html/r36e44ffc1a9b365327df62cdfaabe85b9a5637de102cea07d79b2dbf%40%3Ccommits.cxf.apache.org%3E	Mailing List
https://lists.apache.org/thread.html/rc774278135816e7afc943dc9fc78eb0764f2c84a2b96470a0187315c%40%3Ccommits.cxf.apache.org%3E	Mailing List
https://lists.apache.org/thread.html/rd49aabd984ed540c8ff7916d4d79405f3fa311d2fdbcf9ed307839a6%40%3Ccommits.cxf.apache.org%3E	Mailing List
https://lists.apache.org/thread.html/rec7160382badd3ef4ad017a22f64a266c7188b9ba71394f0d321e2d4%40%3Ccommits.cxf.apache.org%3E	Mailing List
https://lists.apache.org/thread.html/rfb87e0bf3995e7d560afeed750fac9329ff5f1ad49da365129b7f89e%40%3Ccommits.cxf.apache.org%3E	Mailing List
https://lists.apache.org/thread.html/rff42cfa5e7d75b7c1af0e37589140a8f1999e578a75738740b244bd4%40%3Ccommits.cxf.apache.org%3E	Mailing List

URL	Date	SRC
https://github.com/tafamace/CVE-2012-5575	2018-11-19

URL	Date	SRC

URL	Date	SRC
http://rhn.redhat.com/errata/RHSA-2013-0833.html	2023-02-13
http://rhn.redhat.com/errata/RHSA-2013-0834.html	2023-02-13
http://rhn.redhat.com/errata/RHSA-2013-0839.html	2023-02-13
http://rhn.redhat.com/errata/RHSA-2013-0873.html	2023-02-13
http://rhn.redhat.com/errata/RHSA-2013-0874.html	2023-02-13
http://rhn.redhat.com/errata/RHSA-2013-0875.html	2023-02-13
http://rhn.redhat.com/errata/RHSA-2013-0876.html	2023-02-13
http://rhn.redhat.com/errata/RHSA-2013-0943.html	2023-02-13
http://rhn.redhat.com/errata/RHSA-2013-1028.html	2023-02-13
http://rhn.redhat.com/errata/RHSA-2013-1143.html	2023-02-13
http://rhn.redhat.com/errata/RHSA-2013-1437.html	2023-02-13
https://bugzilla.redhat.com/show_bug.cgi?id=880443	2013-10-16
https://access.redhat.com/security/cve/CVE-2012-5575	2013-10-16

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Apache Search vendor "Apache"		Cxf Search vendor "Apache" for product "Cxf"				2.5.0 Search vendor "Apache" for product "Cxf" and version "2.5.0"		-		Affected
Apache Search vendor "Apache"		Cxf Search vendor "Apache" for product "Cxf"				2.5.1 Search vendor "Apache" for product "Cxf" and version "2.5.1"		-		Affected
Apache Search vendor "Apache"		Cxf Search vendor "Apache" for product "Cxf"				2.5.2 Search vendor "Apache" for product "Cxf" and version "2.5.2"		-		Affected
Apache Search vendor "Apache"		Cxf Search vendor "Apache" for product "Cxf"				2.5.3 Search vendor "Apache" for product "Cxf" and version "2.5.3"		-		Affected
Apache Search vendor "Apache"		Cxf Search vendor "Apache" for product "Cxf"				2.5.4 Search vendor "Apache" for product "Cxf" and version "2.5.4"		-		Affected
Apache Search vendor "Apache"		Cxf Search vendor "Apache" for product "Cxf"				2.5.5 Search vendor "Apache" for product "Cxf" and version "2.5.5"		-		Affected
Apache Search vendor "Apache"		Cxf Search vendor "Apache" for product "Cxf"				2.5.6 Search vendor "Apache" for product "Cxf" and version "2.5.6"		-		Affected
Apache Search vendor "Apache"		Cxf Search vendor "Apache" for product "Cxf"				2.5.7 Search vendor "Apache" for product "Cxf" and version "2.5.7"		-		Affected
Apache Search vendor "Apache"		Cxf Search vendor "Apache" for product "Cxf"				2.5.8 Search vendor "Apache" for product "Cxf" and version "2.5.8"		-		Affected
Apache Search vendor "Apache"		Cxf Search vendor "Apache" for product "Cxf"				2.5.9 Search vendor "Apache" for product "Cxf" and version "2.5.9"		-		Affected
Apache Search vendor "Apache"		Cxf Search vendor "Apache" for product "Cxf"				2.6.0 Search vendor "Apache" for product "Cxf" and version "2.6.0"		-		Affected
Apache Search vendor "Apache"		Cxf Search vendor "Apache" for product "Cxf"				2.6.1 Search vendor "Apache" for product "Cxf" and version "2.6.1"		-		Affected
Apache Search vendor "Apache"		Cxf Search vendor "Apache" for product "Cxf"				2.6.2 Search vendor "Apache" for product "Cxf" and version "2.6.2"		-		Affected
Apache Search vendor "Apache"		Cxf Search vendor "Apache" for product "Cxf"				2.6.3 Search vendor "Apache" for product "Cxf" and version "2.6.3"		-		Affected
Apache Search vendor "Apache"		Cxf Search vendor "Apache" for product "Cxf"				2.6.4 Search vendor "Apache" for product "Cxf" and version "2.6.4"		-		Affected
Apache Search vendor "Apache"		Cxf Search vendor "Apache" for product "Cxf"				2.6.5 Search vendor "Apache" for product "Cxf" and version "2.6.5"		-		Affected
Apache Search vendor "Apache"		Cxf Search vendor "Apache" for product "Cxf"				2.6.6 Search vendor "Apache" for product "Cxf" and version "2.6.6"		-		Affected
Apache Search vendor "Apache"		Cxf Search vendor "Apache" for product "Cxf"				2.7.0 Search vendor "Apache" for product "Cxf" and version "2.7.0"		-		Affected
Apache Search vendor "Apache"		Cxf Search vendor "Apache" for product "Cxf"				2.7.1 Search vendor "Apache" for product "Cxf" and version "2.7.1"		-		Affected
Apache Search vendor "Apache"		Cxf Search vendor "Apache" for product "Cxf"				2.7.2 Search vendor "Apache" for product "Cxf" and version "2.7.2"		-		Affected
Apache Search vendor "Apache"		Cxf Search vendor "Apache" for product "Cxf"				2.7.3 Search vendor "Apache" for product "Cxf" and version "2.7.3"		-		Affected
Redhat Search vendor "Redhat"		Jboss Enterprise Application Platform Search vendor "Redhat" for product "Jboss Enterprise Application Platform"				5.0.0 Search vendor "Redhat" for product "Jboss Enterprise Application Platform" and version "5.0.0"		-		Affected
Redhat Search vendor "Redhat"		Jboss Enterprise Portal Platform Search vendor "Redhat" for product "Jboss Enterprise Portal Platform"				4.3.0 Search vendor "Redhat" for product "Jboss Enterprise Portal Platform" and version "4.3.0"		-		Affected
Redhat Search vendor "Redhat"		Jboss Enterprise Soa Platform Search vendor "Redhat" for product "Jboss Enterprise Soa Platform"				4.3.0 Search vendor "Redhat" for product "Jboss Enterprise Soa Platform" and version "4.3.0"		-		Affected
Redhat Search vendor "Redhat"		Jboss Enterprise Web Platform Search vendor "Redhat" for product "Jboss Enterprise Web Platform"				5.2.0 Search vendor "Redhat" for product "Jboss Enterprise Web Platform" and version "5.2.0"		-		Affected
Redhat Search vendor "Redhat"		Jboss Fuse Esb Enterprise Search vendor "Redhat" for product "Jboss Fuse Esb Enterprise"				7.1.0 Search vendor "Redhat" for product "Jboss Fuse Esb Enterprise" and version "7.1.0"		-		Affected