CVE-2015-5253 — Improper Access Control in Apache CXF

Description

The SAML Web SSO module in Apache CXF before 2.7.18, 3.0.x before 3.0.7, and 3.1.x before 3.1.3 allows remote authenticated users to bypass authentication via a crafted SAML response with a valid signed assertion, related to a "wrapping attack."

How to fix CVE-2015-5253

To remediate CVE-2015-5253, upgrade the affected package to a fixed version below.

Maven/org.apache.cxf:cxf-rt-rs-security-sso-saml—upgrade to 2.7.18 or later

Is CVE-2015-5253 being exploited?

Low — EPSS is 0.3%, meaning exploitation activity has not been observed at scale.

Affected packages (1)

from 0, < 2.7.18

References (15)

ADVISORYnvd.nist.gov/vuln/detail/CVE-2015-5253
WEBcxf.apache.org/security-advisories.data/CVE-2015-5253.txt.asc
WEBrhn.redhat.com/errata/RHSA-2016-0321.html
WEBgithub.com/apache/cxf
WEB