Описание
The SymmetricBinding in Apache CXF before 2.6.13 and 2.7.x before 2.7.10, when EncryptBeforeSigning is enabled and the UsernameToken policy is set to an EncryptedSupportingToken, transmits the UsernameToken in cleartext, which allows remote attackers to obtain sensitive information by sniffing the network.
It was discovered that UsernameTokens were sent in plain text by an Apache CXF client that used a Symmetric EncryptBeforeSigning password policy. A man-in-the-middle attacker could use this flaw to obtain the user name and password used by the client application using Apache CXF.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| OpenShift Enterprise 1 | cxf | Will not fix | ||
| Red Hat BPM Suite 6 | cxf | Affected | ||
| Red Hat JBoss BRMS 5 | cxf | Will not fix | ||
| Red Hat JBoss BRMS 6 | cxf | Affected | ||
| Red Hat JBoss Enterprise Web Server 1 | amq-6.1 | Affected | ||
| Red Hat JBoss Enterprise Web Server 1 | amq-7.1 | Will not fix | ||
| Red Hat JBoss Enterprise Web Server 1 | fuse-6.1 | Affected | ||
| Red Hat JBoss Enterprise Web Server 1 | fuse-7.1 | Will not fix | ||
| Red Hat JBoss Fuse Service Works 6 | cxf | Affected | ||
| Red Hat JBoss Portal 6 | cxf | Affected |
Показывать по
Дополнительная информация
Статус:
EPSS
4.3 Medium
CVSS2
Связанные уязвимости
The SymmetricBinding in Apache CXF before 2.6.13 and 2.7.x before 2.7.10, when EncryptBeforeSigning is enabled and the UsernameToken policy is set to an EncryptedSupportingToken, transmits the UsernameToken in cleartext, which allows remote attackers to obtain sensitive information by sniffing the network.
Cleartext Transmission of Sensitive Information in Apache CXF
EPSS
4.3 Medium
CVSS2