Apache CXF 2.4.x before 2.4.8, 2.5.x before 2.5.4, and 2.6.x before 2.6.1, when a Supporting Token specifies a child WS-SecurityPolicy 1.1 or 1.2 policy, does not properly ensure that an XML element is signed or encrypted, which has unspecified impact and attack vectors.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: redhat
Published: 2013-01-03T01:00:00
Updated: 2021-06-16T11:07:02
Reserved: 2012-04-19T00:00:00
Link: CVE-2012-2379
JSON object: View
NVD Information
Status : Modified
Published: 2013-01-03T01:55:01.467
Modified: 2023-02-13T00:24:58.890
Link: CVE-2012-2379
JSON object: View
Redhat Information
No data.
CWE