CVE-2012-2379

Apache CXF <2.4.8-<2.5.4-<2.6.1 - Unspecified Vuln

Title source: llm
STIX 2.1

Description

Apache CXF 2.4.x before 2.4.8, 2.5.x before 2.5.4, and 2.6.x before 2.6.1, when a Supporting Token specifies a child WS-SecurityPolicy 1.1 or 1.2 policy, does not properly ensure that an XML element is signed or encrypted, which has unspecified impact and attack vectors.

References (24)

Core 24
Core References
Vendor Advisory vendor-advisory x_refsource_redhat
http://rhn.redhat.com/errata/RHSA-2012-1559.html
Vendor Advisory vendor-advisory x_refsource_redhat
http://rhn.redhat.com/errata/RHSA-2013-0192.html
Vendor Advisory vendor-advisory x_refsource_redhat
http://rhn.redhat.com/errata/RHSA-2013-0198.html
Vendor Advisory vendor-advisory x_refsource_redhat
http://rhn.redhat.com/errata/RHSA-2012-1594.html
Vendor Advisory vendor-advisory x_refsource_redhat
http://rhn.redhat.com/errata/RHSA-2013-0195.html
Vendor Advisory vendor-advisory x_refsource_redhat
http://rhn.redhat.com/errata/RHSA-2013-0196.html
Vendor Advisory vendor-advisory x_refsource_redhat
http://rhn.redhat.com/errata/RHSA-2013-0193.html
Vendor Advisory vendor-advisory x_refsource_redhat
http://rhn.redhat.com/errata/RHSA-2012-1592.html
Vendor Advisory vendor-advisory x_refsource_redhat
http://rhn.redhat.com/errata/RHSA-2013-0191.html
Vendor Advisory vendor-advisory x_refsource_redhat
http://rhn.redhat.com/errata/RHSA-2012-1593.html
Vendor Advisory vendor-advisory x_refsource_redhat
http://rhn.redhat.com/errata/RHSA-2012-1573.html
Vendor Advisory vendor-advisory x_refsource_redhat
http://rhn.redhat.com/errata/RHSA-2012-1591.html
Vendor Advisory vendor-advisory x_refsource_redhat
http://rhn.redhat.com/errata/RHSA-2013-0197.html
Vendor Advisory vendor-advisory x_refsource_redhat
http://rhn.redhat.com/errata/RHSA-2013-0194.html
Patch, Vendor Advisory x_refsource_confirm
http://cxf.apache.org/cve-2012-2379.html
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/51607
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/51984

Scores

EPSS 0.0411
EPSS Percentile 89.6%

Details

Status published
Products (14)
apache/cxf 2.4.0
apache/cxf 2.4.1
apache/cxf 2.4.2
apache/cxf 2.4.3
apache/cxf 2.4.4
apache/cxf 2.4.5
apache/cxf 2.4.6
apache/cxf 2.4.7
apache/cxf 2.5.0
apache/cxf 2.5.1
... and 4 more
Published Jan 03, 2013
Tracked Since Feb 18, 2026