Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2012-5633
HistoryMar 12, 2013 - 11:55 p.m.

CVE-2012-5633

2013-03-1223:55:00
CWE-287
[email protected]
web.nvd.nist.gov
58
apache cxf
urimappinginterceptor
ws-security
vulnerability
http get
nvd
cve-2012-5633

9.1 High

AI Score

Confidence

High

5.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:P/A:N

0.002 Low

EPSS

Percentile

61.3%

JSON

The URIMappingInterceptor in Apache CXF before 2.5.8, 2.6.x before 2.6.5, and 2.7.x before 2.7.2, when using the WSS4JInInterceptor, bypasses WS-Security processing, which allows remote attackers to obtain access to SOAP services via an HTTP GET request.

References

Related

prion 1
ubuntucve 1
osv 1
github 1
veracode 1
nessus 3
redhat 10
f5 2
ibm 1
prion
prion
Cross site request forgery (csrf)
2013-03-12 23:55:00
ubuntucve
ubuntucve
CVE-2012-5633
2013-03-12 00:00:00
osv
osv
Improper Authentication in Apache CXF
2022-05-13 01:09:21
github
github
Improper Authentication in Apache CXF
2022-05-13 01:09:21
veracode
veracode
WSS4JInInterceptor Bypasses WS Security Processing
2019-01-15 09:00:33
nessus
nessus
RHEL 5 / 6 : apache-cxf (RHSA-2013:0644)
2013-03-14 00:00:00
RHEL 5 / 6 : JBoss EAP (RHSA-2013:0257)
2013-02-14 00:00:00
RHEL 5 / 6 : JBoss Enterprise Web Platform 5.2.0 (RHSA-2013:0259)
2024-04-21 00:00:00
redhat
redhat
(RHSA-2013:0256) Important: JBoss Enterprise Application Platform 5.2.0 security update
2013-02-13 00:00:00
(RHSA-2013:0259) Important: JBoss Enterprise Web Platform 5.2.0 security update
2013-02-13 00:00:00
(RHSA-2013:0743) Important: JBoss Enterprise BRMS Platform 5.3.1 update
2013-04-15 00:00:00
f5
f5
SOL15580 - Apache CXF and JBoss vulnerabilities
2014-09-11 00:00:00
K15580 : Apache CXF and JBoss vulnerabilities
2014-09-11 00:00:00
ibm
ibm
Security Bulletin: IBM has announced a release for IBM Security Identity Governance and Intelligence in response to security vulnerability
2019-07-19 16:20:01

9.1 High

AI Score

Confidence

High

5.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:P/A:N

0.002 Low

EPSS

Percentile

61.3%

JSON
Related for CVE-2012-5633
prion1ubuntucve1osv1github1veracode1nessus3redhat10f52ibm1