CVE-2014-3596
axis: SSL hostname verification bypass, incomplete CVE-2012-5784 fix
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
The getCN function in Apache Axis 1.4 and earlier does not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via a certificate with a subject that specifies a common name in a field that is not the CN field. NOTE: this issue exists because of an incomplete fix for CVE-2012-5784.
La función getCN en Apache Axis 1.4 y versiones anteriores no verifica correctamente que el nombre de host del servidor coincida con un nombre de dominio en el campo Common Name (CN) o subjectAltName del certificado X.509, lo que permite a los atacantes intermedios falsificar servidores SSL mediante un certificado con un asunto que especifica un nombre común en un campo que no es el campo CN. NOTA: este problema existe debido a una solución incompleta para CVE-2012-5784.
It was discovered that Axis incorrectly extracted the host name from an X.509 certificate subject's Common Name (CN) field. A man-in-the-middle attacker could use this flaw to spoof an SSL server using a specially crafted X.509 certificate.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2014-05-14 CVE Reserved
- 2014-08-27 CVE Published
- 2024-08-06 CVE Updated
- 2024-10-13 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-297: Improper Validation of Certificate with Host Mismatch
CAPEC
References (18)
URL | Date | SRC |
---|
URL | Date | SRC |
---|---|---|
https://issues.apache.org/jira/browse/AXIS-2905 | 2023-02-13 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Apache Search vendor "Apache" | Axis Search vendor "Apache" for product "Axis" | <= 1.4 Search vendor "Apache" for product "Axis" and version " <= 1.4" | - |
Affected
| ||||||
Apache Search vendor "Apache" | Axis Search vendor "Apache" for product "Axis" | 1.0 Search vendor "Apache" for product "Axis" and version "1.0" | - |
Affected
| ||||||
Apache Search vendor "Apache" | Axis Search vendor "Apache" for product "Axis" | 1.0 Search vendor "Apache" for product "Axis" and version "1.0" | beta |
Affected
| ||||||
Apache Search vendor "Apache" | Axis Search vendor "Apache" for product "Axis" | 1.0 Search vendor "Apache" for product "Axis" and version "1.0" | rc1 |
Affected
| ||||||
Apache Search vendor "Apache" | Axis Search vendor "Apache" for product "Axis" | 1.0 Search vendor "Apache" for product "Axis" and version "1.0" | rc2 |
Affected
| ||||||
Apache Search vendor "Apache" | Axis Search vendor "Apache" for product "Axis" | 1.1 Search vendor "Apache" for product "Axis" and version "1.1" | - |
Affected
| ||||||
Apache Search vendor "Apache" | Axis Search vendor "Apache" for product "Axis" | 1.1 Search vendor "Apache" for product "Axis" and version "1.1" | beta |
Affected
| ||||||
Apache Search vendor "Apache" | Axis Search vendor "Apache" for product "Axis" | 1.1 Search vendor "Apache" for product "Axis" and version "1.1" | rc1 |
Affected
| ||||||
Apache Search vendor "Apache" | Axis Search vendor "Apache" for product "Axis" | 1.1 Search vendor "Apache" for product "Axis" and version "1.1" | rc2 |
Affected
| ||||||
Apache Search vendor "Apache" | Axis Search vendor "Apache" for product "Axis" | 1.2 Search vendor "Apache" for product "Axis" and version "1.2" | - |
Affected
| ||||||
Apache Search vendor "Apache" | Axis Search vendor "Apache" for product "Axis" | 1.2 Search vendor "Apache" for product "Axis" and version "1.2" | alpha |
Affected
| ||||||
Apache Search vendor "Apache" | Axis Search vendor "Apache" for product "Axis" | 1.2 Search vendor "Apache" for product "Axis" and version "1.2" | beta1 |
Affected
| ||||||
Apache Search vendor "Apache" | Axis Search vendor "Apache" for product "Axis" | 1.2 Search vendor "Apache" for product "Axis" and version "1.2" | beta2 |
Affected
| ||||||
Apache Search vendor "Apache" | Axis Search vendor "Apache" for product "Axis" | 1.2 Search vendor "Apache" for product "Axis" and version "1.2" | beta3 |
Affected
| ||||||
Apache Search vendor "Apache" | Axis Search vendor "Apache" for product "Axis" | 1.2 Search vendor "Apache" for product "Axis" and version "1.2" | rc1 |
Affected
| ||||||
Apache Search vendor "Apache" | Axis Search vendor "Apache" for product "Axis" | 1.2 Search vendor "Apache" for product "Axis" and version "1.2" | rc2 |
Affected
| ||||||
Apache Search vendor "Apache" | Axis Search vendor "Apache" for product "Axis" | 1.2 Search vendor "Apache" for product "Axis" and version "1.2" | rc3 |
Affected
| ||||||
Apache Search vendor "Apache" | Axis Search vendor "Apache" for product "Axis" | 1.2.1 Search vendor "Apache" for product "Axis" and version "1.2.1" | - |
Affected
| ||||||
Apache Search vendor "Apache" | Axis Search vendor "Apache" for product "Axis" | 1.3 Search vendor "Apache" for product "Axis" and version "1.3" | - |
Affected
|