SAML Security Vulnerability in Apache CXF and WSS4J
CVE-2014-3623

Currently unrated

Key Information:

Vendor

Apache
Status
Wss4j
Vendor
CVE Published:
30 October 2014

What is CVE-2014-3623?

A vulnerability in Apache WSS4J and Apache CXF allows for inadequate enforcement of SAML SubjectConfirmation method security semantics. This flaw can be exploited by remote attackers to conduct spoofing attacks. Proper implementation and security practices are crucial in preventing unauthorized access and ensuring data integrity.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.securityfocus.com/bid/70736
vdb-entryx_refsource_BID
http://rhn.redhat.com/errata/RHSA-2015-0675.html
vendor-advisoryx_refsource_REDHAT
http://seclists.org/oss-sec/2014/q4/437
mailing-listx_refsource_MLIST

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.