Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
ApacheAxis2-

2 matches found

CVE
CVEadded 2012/10/09 11:0 p.m.113 views

CVE-2012-5351

CVE-2012-5351 affects Apache Axis2 and allows remote attackers to bypass authentication by forging a SAML assertion that lacks a Signature element (Signature exclusion attack). This is the same family as CVE-2012-4418 and enables message forgery without proper XML-signature verification. IBM-rela...

6.4CVSS6.8AI score0.05089EPSS
CVE
CVEadded 2012/10/09 11:0 p.m.99 views

CVE-2012-4418

CVE-2012-4418 concerns Apache Axis2 and its XML signature handling. The provided connected material confirms that this vulnerability arises from the failure to properly verify signed XML messages, allowing an attacker to craft messages that bypass authentication via an XML Signature wrapping atta...

5.8CVSS6.9AI score0.05999EPSS