Lucene search
GoogleOSV:GHSA-88R4-38GC-97P4HistoryMay 17, 2022 - 5:16 a.m.
Apache Axis2 Vulnerable to XML Signature wrapping attack
2022-05-1705:16:12
Google
osv.dev
5
apache axis2
xml signature
vulnerability
authentication
Apache Axis2 allows remote attackers to forge messages and bypass authentication via an “XML Signature wrapping attack.”
References
www.nds.rub.de/media/nds/veroeffentlichungen/2012/08/22/BreakingSAML_3.pdf
www.openwall.com/lists/oss-security/2012/09/12/1
www.openwall.com/lists/oss-security/2012/09/13/1
bugzilla.redhat.com/show_bug.cgi?id=856755
github.com/apache/axis-axis2-java-core
issues.apache.org/jira/browse/AXIS2-5930
issues.apache.org/jira/browse/AXIS2C-1694
nvd.nist.gov/vuln/detail/CVE-2012-4418
web.archive.org/web/20121114075457/www.securityfocus.com/bid/55508
Related
prion
prion
Authentication flaw
2012-10-09 23:55:00
Authentication flaw
2012-10-09 23:55:00
cve
cve
CVE-2012-4418
2012-10-09 23:55:05
CVE-2012-5351
2012-10-09 23:55:05
cvelist
cvelist
CVE-2012-4418
2012-10-09 23:00:00
CVE-2012-5351
2012-10-09 23:00:00
github
github
Apache Axis2 Vulnerable to XML Signature wrapping attack
2022-05-17 05:16:12
Improper Authentication in Apache Axis2
2022-05-13 01:01:04
nvd
nvd
CVE-2012-4418
2012-10-09 23:55:05
CVE-2012-5351
2012-10-09 23:55:05
osv
osv
Improper Authentication in Apache Axis2
2022-05-13 01:01:04
openvas
openvas
Apache Axis2 <= 1.6.2 Multiple Vulnerabilities
2015-03-17 00:00:00
ibm
ibm