CVE-2014-0034
CVSS v2.0
4.3 (Medium)
EPSS
0.19 % (56th)
Affected Products
2
Advisories
2
The SecurityTokenService (STS) in Apache CXF before 2.6.12 and 2.7.x before 2.7.9 does not properly validate SAML tokens when caching is enabled, which allows remote attackers to gain access via an invalid SAML token.
Weaknesses
- CWE-20
- Improper Input Validation
- CVE Status
- PUBLISHED
- CNA
- Red Hat, Inc.
- Published Date
-
2014-07-07 14:55:03
(10 years ago) - Updated Date
-
2023-11-07 02:18:05
(10 months ago)
Affected Products
Loading...
Loading...
Loading...
Configuration #1
|
Configuration #2
|
Configuration #3
|
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...