Description

The application plugins in Apache CXF Fediz 1.2.x before 1.2.3 and 1.3.x before 1.3.1 do not match SAML AudienceRestriction values against configured audience URIs, which might allow remote attackers to have bypass intended restrictions and have unspecified other impact via a crafted SAML token with a trusted signature.

Remediation

References

http://cxf.apache.org/security-advisories.data/CVE-2016-4464.txt.asc

http://www.openwall.com/lists/oss-security/2016/09/08/20

http://www.securityfocus.com/bid/92905

http://www.securitytracker.com/id/1036869

https://git-wip-us.apache.org/repos/asf?p=cxf-fediz.git%3Ba=commit%3Bh=0006581e9cacbeef46381a223e5671e524d416b6

https://lists.apache.org/thread.html/r36e44ffc1a9b365327df62cdfaabe85b9a5637de102cea07d79b2dbf%40%3Ccommits.cxf.apache.org%3E

https://lists.apache.org/thread.html/rc774278135816e7afc943dc9fc78eb0764f2c84a2b96470a0187315c%40%3Ccommits.cxf.apache.org%3E

https://lists.apache.org/thread.html/rd49aabd984ed540c8ff7916d4d79405f3fa311d2fdbcf9ed307839a6%40%3Ccommits.cxf.apache.org%3E

https://lists.apache.org/thread.html/rec7160382badd3ef4ad017a22f64a266c7188b9ba71394f0d321e2d4%40%3Ccommits.cxf.apache.org%3E

https://lists.apache.org/thread.html/rfb87e0bf3995e7d560afeed750fac9329ff5f1ad49da365129b7f89e%40%3Ccommits.cxf.apache.org%3E

https://lists.apache.org/thread.html/rff42cfa5e7d75b7c1af0e37589140a8f1999e578a75738740b244bd4%40%3Ccommits.cxf.apache.org%3E

Related Vulnerabilities

CVE-2021-22134 Vulnerability in maven package org.elasticsearch:elasticsearch

CVE-2022-36033 Vulnerability in maven package org.jsoup:jsoup

CVE-2024-36401 Vulnerability in maven package org.geoserver:gs-wfs

CVE-2023-24057 Vulnerability in maven package ca.uhn.hapi.fhir:org.hl7.fhir.r4b

CVE-2018-6341 Vulnerability in maven package org.webjars.bower:vue

Severity

Critical

Classification

CWE-284 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Tags

Mitigation Vendor Advisory Mailing List Third Party Advisory