CVE-2012-5351
Improper Authentication in maven/org.apache.axis2/axis2
Identifiers
GHSA-66rx-gqx3-p98m, CVE-2012-5351
Package Slug
maven/org.apache.axis2/axis2
Vulnerability
Improper Authentication
Description
Apache Axis2 allows remote attackers to forge messages and bypass authentication via a SAML assertion that lacks a Signature element, aka a "Signature exclusion attack," a different vulnerability than CVE-2012-4418.
Affected Versions
All versions before 1.6.4
Solution
Upgrade to version 1.6.4 or above.
Last Modified
2022-07-24
| source |