Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

IBM Security Bulletins
IBM Security Bulletinsadded 2022/09/26 5:45 a.m.17 views

Security Bulletin: Apache Axis2 related vulnerability for IBM Tivoli Directory Integrator (CVE-2012-5785)

Abstract Apache Axis2 SSL vulnerability for IBM Tivoli Directory Integrator Content VULNERABILITY DETAILS: DESCRIPTION: Axis2 implemented in Java is vulnerable to man-in-the-middle attacks. By extension, all applications using this library to establish SSL connections with the target servers may ...

5.8CVSS8.5AI score0.02206EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletinsadded 2022/09/26 5:45 a.m.20 views

Security Bulletin: IBM SPSS Modeler Premium - Text Analytics SSL Spoofing (CVE-2012-5785)

Abstract Last updated on December 11, 2012. When using the Text Analytics Server from the IBM SPSS Modeler Premium product with the SSL option enabled default is disabled, then an SSL connection can be established without verifying the hostname of the target connection against the name on the SSL...

5.8CVSS8.7AI score0.02206EPSS
Exploits1Affected Software1
vulnersOsv
vulnersOsvadded 2022/05/17 1:38 a.m.9 views

br.com.swconsultoria:java-cte (>=3.00.4 <=4.00.14), br.com.swconsultoria:java-mdfe (>=3.00.3 <=3.00.4) +180 more potentially affected by CVE-2012-5785 via org.apache.axis2:axis2-transport-http (>=1.5 <=1.7.9)

org.apache.axis2:axis2-transport-http MAVEN version =1.5, =3.00.4, =3.00.3, =4.00.10, =0.5.9, =0.3, =0.1.10, =0.0.3, =1.0.1.RELEASE, =9.00.2110.07.220316, =1.0.0, =1.0.22, =0.0.1, =1.0.0 and more Source cves: CVE-2012-5785 Source advisory: OSV:GHSA-WWQ7-PXWC-P4RC...

5.8CVSS7.7AI score0.02206EPSS
Exploits1
vulnersOsv
vulnersOsvadded 2022/05/17 1:38 a.m.6 views

com.google.api-ads:common-axis2 (=0.1.0), com.google.code.magja:magja (>=0.0.1 <=0.0.3) +23 more potentially affected by CVE-2012-5785 via org.apache.axis2:axis2 (>=1.2 <=1.7.9)

org.apache.axis2:axis2 MAVEN version =1.2, =0.0.1, =2.8.28, =0.13.0, =0.13.0, =3.3, =3.3, =0.9, =0.11 and more Source cves: CVE-2012-5785 Source advisory: OSV:GHSA-WWQ7-PXWC-P4RC...

5.8CVSS7.2AI score0.02206EPSS
Exploits1
OpenVAS
OpenVASadded 2015/03/17 12:0 a.m.332 views

Apache Axis2 <= 1.6.2 Multiple Vulnerabilities

Apache Axis2 is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2015 SCHUTZWERK GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later CPE = "cpe:/a:apache:axis2"; if...

6.4CVSS8.6AI score0.05999EPSS
Exploits2References3
Cvelist
Cvelistadded 2012/11/04 10:0 p.m.22 views

CVE-2012-5785

Apache Axis2/Java 1.6.2 and earlier does not verify that the server hostname matches a domain name in the subject's Common Name CN or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate...

9.1AI score0.02206EPSS
Exploits1References4
CVE
CVEadded 2012/11/04 10:0 p.m.67 views

CVE-2012-5785

CVE-2012-5785 concerns Apache Axis2/Java where server hostname verification against the certificate CN/SubjectAltName is not performed, enabling MITM spoofing with any valid certificate. Connected documents confirm multiple IBM advisories and IBM BPM/TDI/IMS products affected by this Axis2 SSL is...

5.8CVSS6.4AI score0.02206EPSS
Exploits1References4Affected Software1
Rows per page
Query Builder