Lucene search
China National Vulnerability DatabaseCNVD-2022-78864HistoryNov 17, 2022 - 12:00 a.m.
Apache SOAP authentication error vulnerability
2022-11-1700:00:00
China National Vulnerability Database
www.cnvd.org.cn
25
apache soap
authentication error
vulnerability
client-side
server-side
rpcrouterservlet
remote code execution
EPSS
0.007
Percentile
80.8%
Apache SOAP is used as a client-side library by the Apache Foundation to invoke SOAP services available elsewhere, and as a server-side tool to implement SOAP-accessible services. an authentication error vulnerability exists in Apache SOAP, which stems from the fact that RPCRouterServlet can be used without authentication. An attacker could exploit this vulnerability to potentially invoke methods on class paths that meet certain conditions, which could lead to arbitrary remote code execution depending on the classes available on the class path.
Related
nvd
nvd
CVE-2022-45378
2022-11-14 14:15:10
github
github
Apache SOAP contains unauthenticated RPCRouterServlet
2022-11-14 19:00:19
cvelist
cvelist
veracode
veracode
Deserialization Of Untrusted Data
2022-11-15 08:45:59
vulnrichment
vulnrichment
prion
prion
Remote code execution
2022-11-14 14:15:00
cve
cve
CVE-2022-45378
2022-11-14 14:15:10
osv
osv
Apache SOAP contains unauthenticated RPCRouterServlet
2022-11-14 19:00:19
nessus
nessus
Oracle WebCenter Portal (July 2024 CPU)
2024-07-18 00:00:00
wallarmlab
wallarmlab
Can ChatGPT be used to attack your APIs? | API Security Newsletter
2022-12-09 19:38:00
qualysblog
qualysblog
Oracle Patch Update, April 2024 Security Update Review
2024-04-17 14:39:59
Oracle Critical Patch Update, July 2024 Security Update Review
2024-07-17 14:34:50
oracle
oracle
Oracle Critical Patch Update Advisory - July 2024
2024-07-16 00:00:00
Oracle Critical Patch Update Advisory - April 2024
2024-04-16 00:00:00