Security Advisory

CVE-2017-5653

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2017-04-18 16:00:00

Last updated 2024-08-05 15:11:48

Assigner apache

State PUBLISHED

Description

JAX-RS XML Security streaming clients in Apache CXF before 3.1.11 and 3.0.13 do not validate that the service response was signed or encrypted, which allows remote attackers to spoof servers.

← Browse all CVEs View on cve.org ↗