PROBLEM:
Apache CXF Lets Remote Authenticated Users Execute Unauthorized SOAP Actions
PLATFORM:
This vulnerability affects all released versions of Apache CXF.
ABSTRACT:
A vulnerability was reported in Apache CXF
reference LINKS:
SecurityTracker Alert ID: 1027554
Apache CXF Security Advisories
Apache CXF Advisory - CVE-2012-3451
CVE-2012-3451
IMPACT ASSESSMENT:
High
Discussion:
A vulnerability was reported in Apache CXF. A remote authenticated user can execute unauthorized commands on the target web service.
Impact:
A remote authenticated user can execute potentially unauthorized actions on the target web service.
Solution:
The vendor has issued a fix: Revision 1368559