Description
The SymmetricBinding in Apache CXF before 2.6.13 and 2.7.x before 2.7.10, when EncryptBeforeSigning is enabled and the UsernameToken policy is set to an EncryptedSupportingToken, transmits the UsernameToken in cleartext, which allows remote attackers to obtain sensitive information by sniffing the network.
Remediation
References
http://cxf.apache.org/security-advisories.data/CVE-2014-0035.txt.asc
http://rhn.redhat.com/errata/RHSA-2014-0797.html
http://rhn.redhat.com/errata/RHSA-2014-0798.html
http://rhn.redhat.com/errata/RHSA-2014-0799.html
http://rhn.redhat.com/errata/RHSA-2014-1351.html
http://rhn.redhat.com/errata/RHSA-2015-0850.html
http://rhn.redhat.com/errata/RHSA-2015-0851.html
http://svn.apache.org/viewvc?view=revision&revision=1564724
https://lists.apache.org/thread.html/r36e44ffc1a9b365327df62cdfaabe85b9a5637de102cea07d79b2dbf%40%3Ccommits.cxf.apache.org%3E
https://lists.apache.org/thread.html/rc774278135816e7afc943dc9fc78eb0764f2c84a2b96470a0187315c%40%3Ccommits.cxf.apache.org%3E
https://lists.apache.org/thread.html/rd49aabd984ed540c8ff7916d4d79405f3fa311d2fdbcf9ed307839a6%40%3Ccommits.cxf.apache.org%3E
https://lists.apache.org/thread.html/rec7160382badd3ef4ad017a22f64a266c7188b9ba71394f0d321e2d4%40%3Ccommits.cxf.apache.org%3E
https://lists.apache.org/thread.html/rfb87e0bf3995e7d560afeed750fac9329ff5f1ad49da365129b7f89e%40%3Ccommits.cxf.apache.org%3E
https://lists.apache.org/thread.html/rff42cfa5e7d75b7c1af0e37589140a8f1999e578a75738740b244bd4%40%3Ccommits.cxf.apache.org%3E
Related Vulnerabilities
CVE-2023-29529 Vulnerability in npm package matrix-js-sdk
CVE-2022-45392 Vulnerability in maven package io.jenkins.plugins:cavisson-ns-nd-integration
CVE-2022-43429 Vulnerability in maven package com.compuware.jenkins:compuware-topaz-for-total-test
CVE-2017-5635 Vulnerability in maven package org.apache.nifi:nifi-framework-authorization
CVE-2023-36542 Vulnerability in maven package org.apache.nifi:nifi-cdc-mysql-processors