Lucene search

K
freebsd
FreeBSDAC18046C-9B08-11E6-8011-005056925DB4
HistoryDec 06, 2012 - 12:00 a.m.

Axis2 -- Security vulnerabilities on dependency Apache HttpClient

2012-12-0600:00:00
vuxml.freebsd.org
14

5.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:P/A:N

0.004 Low

EPSS

Percentile

73.0%

Apache Axis2 reports:

Apache Axis2 1.7.4 is a maintenance release that includes fixes for
several issues, including the following security issues:
Session fixation (AXIS2-4739) and XSS (AXIS2-5683) vulnerabilities
affecting the admin console.
A dependency on an Apache HttpClient version affected by known security
vulnerabilities (CVE-2012-6153 and CVE-2014-3577); see AXIS2-5757.

OSVersionArchitecturePackageVersionFilename
FreeBSDanynoarchaxis2< 1.7.4UNKNOWN
How to protect your server from attacks?

5.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:P/A:N

0.004 Low

EPSS

Percentile

73.0%

Related for AC18046C-9B08-11E6-8011-005056925DB4