// For flags

CVE-2012-6153

CXF: SSL hostname verification bypass, incomplete CVE-2012-5783 fix

Severity Score

4.3
*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

http/conn/ssl/AbstractVerifier.java in Apache Commons HttpClient before 4.2.3 does not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via a certificate with a subject that specifies a common name in a field that is not the CN field. NOTE: this issue exists because of an incomplete fix for CVE-2012-5783.

http/conn/ssl/AbstractVerifier.java en Apache Commons HttpClient anterior a 4.2.3 no verifica debidamente que el nombre del servidor coincide con un nombre de dominio en el campo del asunto Common Name (CN) o subjectAltName del certificado X.509, lo que permite a atacantes man-in-the-middle falsificar servidores SSL a través de un certificado con un asunto que especifica un nombre común en un campo que no es el campo CN. NOTA: este problema existe debido a una solución incompleta para CVE-2012-5783.

It was found that the fix for CVE-2012-5783 was incomplete: the code added to check that the server host name matches the domain name in a subject's Common Name (CN) field in X.509 certificates was flawed. A man-in-the-middle attacker could use this flaw to spoof an SSL server using a specially crafted X.509 certificate.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Medium
Authentication
None
Confidentiality
None
Integrity
Partial
Availability
None
Attack Vector
Network
Attack Complexity
Medium
Authentication
None
Confidentiality
Partial
Integrity
Partial
Availability
None
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2012-12-06 CVE Reserved
  • 2014-08-20 CVE Published
  • 2024-04-16 EPSS Updated
  • 2024-08-06 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-20: Improper Input Validation
  • CWE-297: Improper Validation of Certificate with Host Mismatch
CAPEC
References (22)
URL Tag Source
http://www.securityfocus.com/bid/69257 Third Party Advisory
https://access.redhat.com/solutions/1165533 Third Party Advisory
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05103564 Third Party Advisory
URL Date SRC
URL Date SRC
URL Date SRC
http://rhn.redhat.com/errata/RHSA-2014-1098.html 2018-01-05
http://rhn.redhat.com/errata/RHSA-2014-1833.html 2018-01-05
http://rhn.redhat.com/errata/RHSA-2014-1834.html 2018-01-05
http://rhn.redhat.com/errata/RHSA-2014-1835.html 2018-01-05
http://rhn.redhat.com/errata/RHSA-2014-1836.html 2018-01-05
http://rhn.redhat.com/errata/RHSA-2014-1891.html 2018-01-05
http://rhn.redhat.com/errata/RHSA-2014-1892.html 2018-01-05
http://rhn.redhat.com/errata/RHSA-2015-0125.html 2018-01-05
http://rhn.redhat.com/errata/RHSA-2015-0158.html 2018-01-05
http://rhn.redhat.com/errata/RHSA-2015-0675.html 2018-01-05
http://rhn.redhat.com/errata/RHSA-2015-0720.html 2018-01-05
http://rhn.redhat.com/errata/RHSA-2015-0765.html 2018-01-05
http://rhn.redhat.com/errata/RHSA-2015-0850.html 2018-01-05
http://rhn.redhat.com/errata/RHSA-2015-0851.html 2018-01-05
http://rhn.redhat.com/errata/RHSA-2015-1888.html 2018-01-05
http://svn.apache.org/viewvc?view=revision&revision=1411705 2018-01-05
http://www.ubuntu.com/usn/USN-2769-1 2018-01-05
https://bugzilla.redhat.com/show_bug.cgi?id=1129916 2015-10-12
https://access.redhat.com/security/cve/CVE-2012-6153 2015-10-12
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Apache
Search vendor "Apache"
 Commons-httpclient
Search vendor "Apache" for product "Commons-httpclient"
 >= 4.0 <= 4.2.2
Search vendor "Apache" for product "Commons-httpclient" and version " >= 4.0 <= 4.2.2"
-
Affected