Apache Axis2 allows remote attackers to forge messages and bypass authentication via a SAML assertion that lacks a Signature element, aka a "Signature exclusion attack," a different vulnerability than CVE-2012-4418.
References
Configurations
History
20 Apr 2022, 00:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
Information
Published : 2012-10-09 23:55
Updated : 2024-02-04 18:16
NVD link : CVE-2012-5351
Mitre link : CVE-2012-5351
CVE.ORG link : CVE-2012-5351
JSON object : View
Products Affected
apache
- axis2
CWE
CWE-287
Improper Authentication