Description
The application plugins in Apache CXF Fediz 1.2.x before 1.2.3 and 1.3.x before 1.3.1 do not match SAML AudienceRestriction values against configured audience URIs, which might allow remote attackers to have bypass intended restrictions and have unspecified other impact via a crafted SAML token with a trusted signature.
Remediation
References
http://cxf.apache.org/security-advisories.data/CVE-2016-4464.txt.asc
http://www.openwall.com/lists/oss-security/2016/09/08/20
http://www.securityfocus.com/bid/92905
http://www.securitytracker.com/id/1036869
https://git-wip-us.apache.org/repos/asf?p=cxf-fediz.git%3Ba=commit%3Bh=0006581e9cacbeef46381a223e5671e524d416b6
https://lists.apache.org/thread.html/r36e44ffc1a9b365327df62cdfaabe85b9a5637de102cea07d79b2dbf%40%3Ccommits.cxf.apache.org%3E
https://lists.apache.org/thread.html/rc774278135816e7afc943dc9fc78eb0764f2c84a2b96470a0187315c%40%3Ccommits.cxf.apache.org%3E
https://lists.apache.org/thread.html/rd49aabd984ed540c8ff7916d4d79405f3fa311d2fdbcf9ed307839a6%40%3Ccommits.cxf.apache.org%3E
https://lists.apache.org/thread.html/rec7160382badd3ef4ad017a22f64a266c7188b9ba71394f0d321e2d4%40%3Ccommits.cxf.apache.org%3E
https://lists.apache.org/thread.html/rfb87e0bf3995e7d560afeed750fac9329ff5f1ad49da365129b7f89e%40%3Ccommits.cxf.apache.org%3E
https://lists.apache.org/thread.html/rff42cfa5e7d75b7c1af0e37589140a8f1999e578a75738740b244bd4%40%3Ccommits.cxf.apache.org%3E
Related Vulnerabilities
CVE-2021-32819 Vulnerability in npm package squirrelly
CVE-2022-33987 Vulnerability in maven package org.webjars.npm:got
CVE-2015-3250 Vulnerability in maven package org.apache.directory.api:api-ldap-client-all
CVE-2015-2156 Vulnerability in maven package io.netty:netty-all
CVE-2023-32313 Vulnerability in maven package org.webjars.npm:vm2