Description

The SymmetricBinding in Apache CXF before 2.6.13 and 2.7.x before 2.7.10, when EncryptBeforeSigning is enabled and the UsernameToken policy is set to an EncryptedSupportingToken, transmits the UsernameToken in cleartext, which allows remote attackers to obtain sensitive information by sniffing the network.

Remediation

References

http://cxf.apache.org/security-advisories.data/CVE-2014-0035.txt.asc

http://rhn.redhat.com/errata/RHSA-2014-0797.html

http://rhn.redhat.com/errata/RHSA-2014-0798.html

http://rhn.redhat.com/errata/RHSA-2014-0799.html

http://rhn.redhat.com/errata/RHSA-2014-1351.html

http://rhn.redhat.com/errata/RHSA-2015-0850.html

http://rhn.redhat.com/errata/RHSA-2015-0851.html

http://svn.apache.org/viewvc?view=revision&revision=1564724

https://lists.apache.org/thread.html/r36e44ffc1a9b365327df62cdfaabe85b9a5637de102cea07d79b2dbf%40%3Ccommits.cxf.apache.org%3E

https://lists.apache.org/thread.html/rc774278135816e7afc943dc9fc78eb0764f2c84a2b96470a0187315c%40%3Ccommits.cxf.apache.org%3E

https://lists.apache.org/thread.html/rd49aabd984ed540c8ff7916d4d79405f3fa311d2fdbcf9ed307839a6%40%3Ccommits.cxf.apache.org%3E

https://lists.apache.org/thread.html/rec7160382badd3ef4ad017a22f64a266c7188b9ba71394f0d321e2d4%40%3Ccommits.cxf.apache.org%3E

https://lists.apache.org/thread.html/rfb87e0bf3995e7d560afeed750fac9329ff5f1ad49da365129b7f89e%40%3Ccommits.cxf.apache.org%3E

https://lists.apache.org/thread.html/rff42cfa5e7d75b7c1af0e37589140a8f1999e578a75738740b244bd4%40%3Ccommits.cxf.apache.org%3E

Related Vulnerabilities

CVE-2023-25500 Vulnerability in maven package com.vaadin:flow-server

CVE-2019-10325 Vulnerability in maven package io.jenkins.plugins:warnings-ng

CVE-2018-1000402 Vulnerability in maven package org.jenkins-ci.plugins:codedeploy

CVE-2010-1870 Vulnerability in maven package com.opensymphony:xwork-core

CVE-2015-5344 Vulnerability in maven package org.apache.camel:camel-core

Severity

Critical

Classification

CWE-310

Tags

Vendor Advisory Patch