← back
CVE-2012-3451

CVE-2012-3451

EPSS 8.9%
Apache CXF before 2.4.9, 2.5.x before 2.5.5, and 2.6.x before 2.6.2 allows remote attackers to execute unintended web-service operations by sending a header with a SOAP Action String that is inconsistent with the message body.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://cxf.apache.org/cve-2012-3451.htmlhttp://rhn.redhat.com/errata/RHSA-2012-1591.htmlhttp://rhn.redhat.com/errata/RHSA-2012-1592.htmlhttp://rhn.redhat.com/errata/RHSA-2012-1594.htmlhttp://rhn.redhat.com/errata/RHSA-2013-0256.htmlhttp://rhn.redhat.com/errata/RHSA-2013-0257.htmlhttp://rhn.redhat.com/errata/RHSA-2013-0258.htmlhttp://rhn.redhat.com/errata/RHSA-2013-0259.htmlhttp://rhn.redhat.com/errata/RHSA-2013-0726.htmlhttp://rhn.redhat.com/errata/RHSA-2013-0743.htmlhttps://bugzilla.redhat.com/show_bug.cgi?id=851896http://secunia.com/advisories/51607