CVE-2023-51441
CVSS v3.1
7.2 (High)
EPSS
0.09 % (41th)
Affected Products
1
Advisories
3
NVD Status
Modified
UNSUPPORTED WHEN ASSIGNED Improper Input Validation vulnerability in Apache Axis allowed users with access to the admin service to perform possible SSRF
This issue affects Apache Axis: through 1.3.
As Axis 1 has been EOL we recommend you migrate to a different SOAP engine, such as Apache Axis 2/Java. Alternatively you could use a build of Axis with the patch from https://github.com/apache/axis-axis1-java/commit/685c309febc64aa393b2d64a05f90e7eb9f73e06 applied. The Apache Axis project does not expect to create an Axis 1.x release
fixing this problem, though contributors that would like to work towards
this are welcome.
Weaknesses
- CWE-918
- Server-Side Request Forgery (SSRF)
- CVE Status
- PUBLISHED
- NVD Status
- Modified
- CNA
- Apache Software Foundation
- Published Date
-
2024-01-06 12:15:42
(8 months ago) - Updated Date
-
2024-08-02 23:15:47
(6 weeks ago)
Affected Products
Loading...
Loading...
Loading...
Configuration #1
|
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...