CVE-2012-5786
Apache CXF’s wsdl_first_https sample in versions before 2.7.0 fails to verify server hostname against the certificate’s CN/subjectAltName, enabling MITM spoofing with an arbitrary valid certificate. This is tied to the sample’s DN check bypass flag. Publicly documented impact is limited to the sa...