CVE-2016-4464

{"id": "CVE-2016-4464", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 3.9}]}, "published": "2016-09-21T18:59:04.897", "references": [{"url": "http://cxf.apache.org/security-advisories.data/CVE-2016-4464.txt.asc", "tags": ["Mitigation", "Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.openwall.com/lists/oss-security/2016/09/08/20", "tags": ["Mailing List", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.securityfocus.com/bid/92905", "source": "secalert@redhat.com"}, {"url": "http://www.securitytracker.com/id/1036869", "source": "secalert@redhat.com"}, {"url": "https://git-wip-us.apache.org/repos/asf?p=cxf-fediz.git%3Ba=commit%3Bh=0006581e9cacbeef46381a223e5671e524d416b6", "source": "secalert@redhat.com"}, {"url": "https://lists.apache.org/thread.html/r36e44ffc1a9b365327df62cdfaabe85b9a5637de102cea07d79b2dbf%40%3Ccommits.cxf.apache.org%3E", "source": "secalert@redhat.com"}, {"url": "https://lists.apache.org/thread.html/rc774278135816e7afc943dc9fc78eb0764f2c84a2b96470a0187315c%40%3Ccommits.cxf.apache.org%3E", "source": "secalert@redhat.com"}, {"url": "https://lists.apache.org/thread.html/rd49aabd984ed540c8ff7916d4d79405f3fa311d2fdbcf9ed307839a6%40%3Ccommits.cxf.apache.org%3E", "source": "secalert@redhat.com"}, {"url": "https://lists.apache.org/thread.html/rec7160382badd3ef4ad017a22f64a266c7188b9ba71394f0d321e2d4%40%3Ccommits.cxf.apache.org%3E", "source": "secalert@redhat.com"}, {"url": "https://lists.apache.org/thread.html/rfb87e0bf3995e7d560afeed750fac9329ff5f1ad49da365129b7f89e%40%3Ccommits.cxf.apache.org%3E", "source": "secalert@redhat.com"}, {"url": "https://lists.apache.org/thread.html/rff42cfa5e7d75b7c1af0e37589140a8f1999e578a75738740b244bd4%40%3Ccommits.cxf.apache.org%3E", "source": "secalert@redhat.com"}, {"url": "http://cxf.apache.org/security-advisories.data/CVE-2016-4464.txt.asc", "tags": ["Mitigation", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.openwall.com/lists/oss-security/2016/09/08/20", "tags": ["Mailing List", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/bid/92905", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securitytracker.com/id/1036869", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://git-wip-us.apache.org/repos/asf?p=cxf-fediz.git%3Ba=commit%3Bh=0006581e9cacbeef46381a223e5671e524d416b6", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://lists.apache.org/thread.html/r36e44ffc1a9b365327df62cdfaabe85b9a5637de102cea07d79b2dbf%40%3Ccommits.cxf.apache.org%3E", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://lists.apache.org/thread.html/rc774278135816e7afc943dc9fc78eb0764f2c84a2b96470a0187315c%40%3Ccommits.cxf.apache.org%3E", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://lists.apache.org/thread.html/rd49aabd984ed540c8ff7916d4d79405f3fa311d2fdbcf9ed307839a6%40%3Ccommits.cxf.apache.org%3E", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://lists.apache.org/thread.html/rec7160382badd3ef4ad017a22f64a266c7188b9ba71394f0d321e2d4%40%3Ccommits.cxf.apache.org%3E", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://lists.apache.org/thread.html/rfb87e0bf3995e7d560afeed750fac9329ff5f1ad49da365129b7f89e%40%3Ccommits.cxf.apache.org%3E", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://lists.apache.org/thread.html/rff42cfa5e7d75b7c1af0e37589140a8f1999e578a75738740b244bd4%40%3Ccommits.cxf.apache.org%3E", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Deferred", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-284"}]}], "descriptions": [{"lang": "en", "value": "The application plugins in Apache CXF Fediz 1.2.x before 1.2.3 and 1.3.x before 1.3.1 do not match SAML AudienceRestriction values against configured audience URIs, which might allow remote attackers to have bypass intended restrictions and have unspecified other impact via a crafted SAML token with a trusted signature."}, {"lang": "es", "value": "Los plugins de aplicaci\u00f3n en Apache CXF Fediz 1.2.x en versiones anteriores a 1.2.3 y 1.3.x en versiones anteriores a 1.3.1 no coinciden con valores SAML AudienceRestriction contra URls de audiencias configuradas, lo que podr\u00eda permitir a atacantes remotos eludir restricciones intencionadas y tener otro impacto no especificado a trav\u00e9s de un token SAML manipulado con una firma confiable."}], "lastModified": "2025-04-12T10:46:40.837", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:apache:cxf_fediz:1.2.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BCDDBC5A-BAB8-445D-98A2-8410D910771E"}, {"criteria": "cpe:2.3:a:apache:cxf_fediz:1.2.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "010277EF-159B-4C7A-A24F-3C33581C36E4"}, {"criteria": "cpe:2.3:a:apache:cxf_fediz:1.2.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8093CD47-F305-46C4-9C3E-953A80898777"}, {"criteria": "cpe:2.3:a:apache:cxf_fediz:1.3.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FB19B991-E486-4B4E-A00C-86DEC9C586FF"}], "operator": "OR"}]}], "sourceIdentifier": "secalert@redhat.com"}