CVE-2024-29736

CRITICAL

Apache CXF <4.0.5, 3.6.4, 3.5.9 - SSRF


Description

An SSRF vulnerability in the WADL service description in versions of Apache CXF before 4.0.5, 3.6.4 and 3.5.9 allows an attacker to perform SSRF-style attacks on REST web services. The attack only applies if a custom stylesheet parameter is configured.

Scores

CVSS v3: 9.1
EPSS: 0.0054
EPSS Percentile: 68.0%
Attack Vector: NETWORK
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

CISA SSVC

Vulnrichment
Exploitation: none
Automatable: yes
Technical Impact: partial

Details

CWE: CWE-918
Status: published

Products (2)
apache/cxf < 3.5.9
org.apache.cxf/cxf-rt-rs-service-description 4.0.0 - 4.0.5 (Maven)

Published: Jul 19, 2024
Tracked Since: Feb 18, 2026