Apache CXF SAML Tokens Validation Security Bypass Vulnerability

Bugtraq ID: 68441
Class: Access Validation Error
CVE: CVE-2014-0034
Remote: Yes
Local: No
Published: Jul 07 2014 12:00AM
Updated: May 12 2015 07:47PM
Credit: Reported by the vendor
Vulnerable: Redhat JBoss Enterprise Application Platform 6.2.4
Redhat JBoss Enterprise Application Platform 6.2 EL6
Redhat JBoss Enterprise Application Platform 6.2 EL5
Redhat JBoss Enterprise Application Platform 6 EL6
Redhat JBoss Enterprise Application Platform 6 EL5
Redhat JBoss BRMS 6.0.3
Redhat Jboss Bpm Suite 6.0.3
Redhat Jboss Bpm Suite 6.0.1
Redhat Jboss Bpm Suite 6.0.0
Apache Apache CXF 2.7.8
Apache Apache CXF 2.6.11
Apache Apache CXF 2.6.2
Apache Apache CXF 2.6.1
Apache Apache CXF 2.6
Apache Apache CXF 2.7.4
Apache Apache CXF 2.7.3
Apache Apache CXF 2.7.2
Apache Apache CXF 2.6.7
Apache Apache CXF 2.6.6
Apache Apache CXF 2.6.5
Not Vulnerable: Redhat JBoss BRMS 6.1
Redhat Jboss Bpm Suite 6.1
Apache Apache CXF 2.7.9
Apache Apache CXF 2.6.12


 

Privacy Statement
Copyright 2010, SecurityFocus