CVE-2012-5351
Apache Axis2 - Auth Bypass
Title source: llmDescription
Apache Axis2 allows remote attackers to forge messages and bypass authentication via a SAML assertion that lacks a Signature element, aka a "Signature exclusion attack," a different vulnerability than CVE-2012-4418.
Scores
EPSS
0.0031
EPSS Percentile
53.8%
Classification
CWE
CWE-287
Status
draft
Affected Products (2)
apache/axis2
org.apache.axis2/axis2
< 1.6.4Maven
Timeline
Published
Oct 09, 2012
Tracked Since
Feb 18, 2026