Lucene search
RedhatCVELIST:CVE-2014-3596HistoryAug 27, 2014 - 12:00 a.m.
CVE-2014-3596
2014-08-2700:00:00
redhat
raw.githubusercontent.com
1
The getCN function in Apache Axis 1.4 and earlier does not properly verify that the server hostname matches a domain name in the subjectβs Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via a certificate with a subject that specifies a common name in a field that is not the CN field. NOTE: this issue exists because of an incomplete fix for CVE-2012-5784.
Related
osv
osv
axis - security update
2015-03-10 00:00:00
Improper Validation of Certificates in apache axis
2018-10-16 20:50:58
Man-in-the-middle attack in Apache Axis
2020-10-07 17:51:02
debian
debian
[SECURITY] [DLA 169-1] axis security update
2015-03-10 18:49:18
ibm
ibm
Security Bulletin: Two vulnerabilities exist in IBM Case Foundation and FileNet Business Process Manager (CVE-2012-5784 and CVE-2014-3596)
2018-06-17 12:12:09
cve
cve
CVE-2014-3596
2014-08-27 00:55:00
CVE-2012-5784
2012-11-04 22:55:00
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2019:1373-1)
2021-06-09 00:00:00
SUSE: Security Advisory (SUSE-SU-2019:1373-2)
2021-06-09 00:00:00
Debian: Security Advisory (DLA-169-1)
2023-03-08 00:00:00
ubuntucve
ubuntucve
CVE-2014-3596
2014-08-27 00:00:00
CVE-2012-5784
2012-11-04 00:00:00
suse
suse
Security update for axis (moderate)
2019-06-03 00:00:00
Security update for axis (moderate)
2019-06-07 00:00:00
veracode
veracode
Man In The Middle (MitM) Attacks Are Possible With Spoofed SSL Servers
2019-01-15 09:01:11
Man In The Middle (MitM) Attacks Are Possible With Spoofed SSL Servers
2019-01-15 09:00:12
nessus
nessus
F5 Networks BIG-IP : Apache Axis vulnerability (SOL16821)
2016-09-02 00:00:00
openSUSE Security Update : axis (openSUSE-2019-1497)
2019-06-04 00:00:00
Debian DLA-169-1 : axis security update
2015-03-26 00:00:00
debiancve
debiancve
CVE-2014-3596
2014-08-27 00:55:00
CVE-2012-5784
2012-11-04 22:55:00
f5
f5
SOL16821 - Apache Axis vulnerability CVE-2014-3596
2015-06-29 00:00:00
K16821 : Apache Axis vulnerability CVE-2014-3596
2015-11-11 00:00:00
SOL14371 - Apache Axis vulnerability CVE-2012-5784
2013-05-06 00:00:00
github
github
Improper Validation of Certificates in apache axis
2018-10-16 20:50:58
Man-in-the-middle attack in Apache Axis
2020-10-07 17:51:02
prion
prion
Code injection
2014-08-27 00:55:00
Design/Logic Flaw
2012-11-04 22:55:00
oraclelinux
oraclelinux
axis security update
2014-09-15 00:00:00
axis security update
2013-03-25 00:00:00
axis security update
2013-02-19 00:00:00
fedora
fedora
[SECURITY] Fedora 17 Update: axis-1.4-19.fc17
2013-02-01 17:16:41
[SECURITY] Fedora 18 Update: axis-1.4-19.fc18
2013-02-01 16:58:10
redhat
redhat
(RHSA-2013:0683) Moderate: axis security update
2013-03-25 00:00:00
(RHSA-2013:0269) Moderate: axis security update
2013-02-19 00:00:00
(RHSA-2014:1123) Moderate: devtoolset-2-axis security update
2014-09-02 00:00:00
cvelist
cvelist
CVE-2012-5784
2012-11-04 22:00:00
mageia
mageia
Updated axis package fixes security vulnerability
2013-07-06 18:12:34
Updated axis packages fix CVE-2014-3596
2014-12-26 20:04:58
amazon
amazon
Medium: axis
2013-03-02 16:50:00
Important: axis
2014-09-17 21:47:00
centos
centos
axis security update
2013-03-25 20:27:08
axis security update
2014-09-15 16:46:18
gitlab
gitlab
Improper Input Validation
2020-10-07 00:00:00
oracle
oracle
Oracle Critical Patch Update Advisory - April 2017
2017-04-18 00:00:00
Oracle Critical Patch Update Advisory - January 2020
2020-01-14 00:00:00