Lucene search
HistoryOct 09, 2012 - 11:55 p.m.
CVE-2012-5351
CVSS2
6.4
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:P/A:N
AI Score
9.4
Confidence
High
EPSS
0.004
Percentile
72.3%
Apache Axis2 allows remote attackers to forge messages and bypass authentication via a SAML assertion that lacks a Signature element, aka a “Signature exclusion attack,” a different vulnerability than CVE-2012-4418.
Affected configurations
Node
apacheaxis2Match-
Related
prion
prion
Authentication flaw
2012-10-09 23:55:00
Authentication flaw
2012-10-09 23:55:00
github
github
Improper Authentication in Apache Axis2
2022-05-13 01:01:04
Apache Axis2 Vulnerable to XML Signature wrapping attack
2022-05-17 05:16:12
osv
osv
Improper Authentication in Apache Axis2
2022-05-13 01:01:04
Apache Axis2 Vulnerable to XML Signature wrapping attack
2022-05-17 05:16:12
cvelist
cvelist
CVE-2012-5351
2012-10-09 23:00:00
CVE-2012-4418
2012-10-09 23:00:00
cve
cve
CVE-2012-5351
2012-10-09 23:55:05
CVE-2012-4418
2012-10-09 23:55:05
openvas
openvas
Apache Axis2 <= 1.6.2 Multiple Vulnerabilities
2015-03-17 00:00:00
nvd
nvd
CVE-2012-4418
2012-10-09 23:55:05
CVSS2
6.4
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:P/A:N
AI Score
9.4
Confidence
High
EPSS
0.004
Percentile
72.3%
Related for NVD:CVE-2012-5351