CVE-2023-51441

2024-01-0600:00:00

ubuntu.com

apache axis

input validation

cve-2023-51441

ssrf

eol

soap engine

0.001 Low

EPSS

Percentile

39.1%

JSON

UNSUPPORTED WHEN ASSIGNED Improper Input Validation vulnerability in
Apache Axis allowed users with access to the admin service to perform
possible SSRF This issue affects Apache Axis: through 1.3. As Axis 1 has
been EOL we recommend you migrate to a different SOAP engine, such as
Apache Axis 2/Java. Alternatively you could use a build of Axis with the
patch from
https://github.com/apache/axis-axis1-java/commit/685c309febc64aa393b2d64a05f90e7eb9f73e06
applied. The Apache Axis project does not expect to create an Axis 1.x
release fixing this problem, though contributors that would like to work
towards this are welcome.

Bugs

<http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1060169>

OSVersionArchitecturePackageVersionFilename
ubuntu18.04noarchaxis< anyUNKNOWN
ubuntu20.04noarchaxis< anyUNKNOWN
ubuntu22.04noarchaxis< anyUNKNOWN
ubuntu23.10noarchaxis< anyUNKNOWN
ubuntu24.04noarchaxis< anyUNKNOWN
ubuntu16.04noarchaxis< anyUNKNOWN

OS	Version	Architecture	Package	Version	Filename
ubuntu	18.04	noarch	axis	< any	UNKNOWN
ubuntu	20.04	noarch	axis	< any	UNKNOWN
ubuntu	22.04	noarch	axis	< any	UNKNOWN
ubuntu	23.10	noarch	axis	< any	UNKNOWN
ubuntu	24.04	noarch	axis	< any	UNKNOWN
ubuntu	16.04	noarch	axis	< any	UNKNOWN