Search for vulnerabilities
Vulnerability details: VCID-6f55-kdyu-aaac
Vulnerability ID VCID-6f55-kdyu-aaac
Aliases CVE-2012-3451
GHSA-55j7-f5wf-43m4
Summary SOAPAction spoofing on document literal web services This package allows remote attackers to execute unintended web-service operations by sending a header with a SOAP Action String that is inconsistent with the message body.
Status Published
Exploitability 0.5
Weighted Severity 9.0
Risk 4.5
Affected and Fixed Packages Package Details
Weaknesses (3)
CWE-20 Improper Input Validation
CWE-1035 OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
CWE-937 OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
System Score Found at
generic_textual HIGH http://cxf.apache.org/cve-2012-3451.html
generic_textual HIGH http://rhn.redhat.com/errata/RHSA-2012-1591.html
generic_textual HIGH http://rhn.redhat.com/errata/RHSA-2012-1592.html
generic_textual HIGH http://rhn.redhat.com/errata/RHSA-2012-1594.html
generic_textual MODERATE http://rhn.redhat.com/errata/RHSA-2013-0256.html
generic_textual MODERATE http://rhn.redhat.com/errata/RHSA-2013-0257.html
generic_textual MODERATE http://rhn.redhat.com/errata/RHSA-2013-0258.html
generic_textual MODERATE http://rhn.redhat.com/errata/RHSA-2013-0259.html
generic_textual MODERATE http://rhn.redhat.com/errata/RHSA-2013-0726.html
generic_textual MODERATE http://rhn.redhat.com/errata/RHSA-2013-0743.html
rhas Important https://access.redhat.com/errata/RHSA-2012:1591
rhas Important https://access.redhat.com/errata/RHSA-2012:1592
rhas Important https://access.redhat.com/errata/RHSA-2012:1594
rhas Important https://access.redhat.com/errata/RHSA-2013:0256
rhas Important https://access.redhat.com/errata/RHSA-2013:0257
rhas Important https://access.redhat.com/errata/RHSA-2013:0258
rhas Important https://access.redhat.com/errata/RHSA-2013:0259
rhas Important https://access.redhat.com/errata/RHSA-2013:0726
rhas Important https://access.redhat.com/errata/RHSA-2013:0743
epss 0.00173 https://api.first.org/data/v1/epss?cve=CVE-2012-3451
epss 0.00173 https://api.first.org/data/v1/epss?cve=CVE-2012-3451
epss 0.00173 https://api.first.org/data/v1/epss?cve=CVE-2012-3451
epss 0.00173 https://api.first.org/data/v1/epss?cve=CVE-2012-3451
epss 0.00173 https://api.first.org/data/v1/epss?cve=CVE-2012-3451
epss 0.00173 https://api.first.org/data/v1/epss?cve=CVE-2012-3451
epss 0.00173 https://api.first.org/data/v1/epss?cve=CVE-2012-3451
epss 0.00173 https://api.first.org/data/v1/epss?cve=CVE-2012-3451
epss 0.00173 https://api.first.org/data/v1/epss?cve=CVE-2012-3451
epss 0.00173 https://api.first.org/data/v1/epss?cve=CVE-2012-3451
epss 0.00173 https://api.first.org/data/v1/epss?cve=CVE-2012-3451
epss 0.00273 https://api.first.org/data/v1/epss?cve=CVE-2012-3451
epss 0.00273 https://api.first.org/data/v1/epss?cve=CVE-2012-3451
epss 0.00273 https://api.first.org/data/v1/epss?cve=CVE-2012-3451
epss 0.00273 https://api.first.org/data/v1/epss?cve=CVE-2012-3451
epss 0.09969 https://api.first.org/data/v1/epss?cve=CVE-2012-3451
epss 0.09969 https://api.first.org/data/v1/epss?cve=CVE-2012-3451
epss 0.09969 https://api.first.org/data/v1/epss?cve=CVE-2012-3451
epss 0.09969 https://api.first.org/data/v1/epss?cve=CVE-2012-3451
epss 0.09969 https://api.first.org/data/v1/epss?cve=CVE-2012-3451
epss 0.09969 https://api.first.org/data/v1/epss?cve=CVE-2012-3451
epss 0.09969 https://api.first.org/data/v1/epss?cve=CVE-2012-3451
epss 0.09969 https://api.first.org/data/v1/epss?cve=CVE-2012-3451
epss 0.09969 https://api.first.org/data/v1/epss?cve=CVE-2012-3451
epss 0.09969 https://api.first.org/data/v1/epss?cve=CVE-2012-3451
epss 0.09969 https://api.first.org/data/v1/epss?cve=CVE-2012-3451
epss 0.09969 https://api.first.org/data/v1/epss?cve=CVE-2012-3451
epss 0.09969 https://api.first.org/data/v1/epss?cve=CVE-2012-3451
epss 0.10224 https://api.first.org/data/v1/epss?cve=CVE-2012-3451
epss 0.10224 https://api.first.org/data/v1/epss?cve=CVE-2012-3451
epss 0.10224 https://api.first.org/data/v1/epss?cve=CVE-2012-3451
epss 0.10224 https://api.first.org/data/v1/epss?cve=CVE-2012-3451
epss 0.10224 https://api.first.org/data/v1/epss?cve=CVE-2012-3451
epss 0.10224 https://api.first.org/data/v1/epss?cve=CVE-2012-3451
epss 0.10224 https://api.first.org/data/v1/epss?cve=CVE-2012-3451
epss 0.10224 https://api.first.org/data/v1/epss?cve=CVE-2012-3451
epss 0.10224 https://api.first.org/data/v1/epss?cve=CVE-2012-3451
epss 0.10224 https://api.first.org/data/v1/epss?cve=CVE-2012-3451
epss 0.10224 https://api.first.org/data/v1/epss?cve=CVE-2012-3451
epss 0.10224 https://api.first.org/data/v1/epss?cve=CVE-2012-3451
epss 0.10224 https://api.first.org/data/v1/epss?cve=CVE-2012-3451
epss 0.10224 https://api.first.org/data/v1/epss?cve=CVE-2012-3451
epss 0.10224 https://api.first.org/data/v1/epss?cve=CVE-2012-3451
epss 0.10224 https://api.first.org/data/v1/epss?cve=CVE-2012-3451
epss 0.10224 https://api.first.org/data/v1/epss?cve=CVE-2012-3451
epss 0.10224 https://api.first.org/data/v1/epss?cve=CVE-2012-3451
epss 0.10224 https://api.first.org/data/v1/epss?cve=CVE-2012-3451
epss 0.10224 https://api.first.org/data/v1/epss?cve=CVE-2012-3451
epss 0.10224 https://api.first.org/data/v1/epss?cve=CVE-2012-3451
epss 0.10224 https://api.first.org/data/v1/epss?cve=CVE-2012-3451
epss 0.10224 https://api.first.org/data/v1/epss?cve=CVE-2012-3451
epss 0.10224 https://api.first.org/data/v1/epss?cve=CVE-2012-3451
epss 0.10224 https://api.first.org/data/v1/epss?cve=CVE-2012-3451
epss 0.10224 https://api.first.org/data/v1/epss?cve=CVE-2012-3451
epss 0.10224 https://api.first.org/data/v1/epss?cve=CVE-2012-3451
epss 0.10224 https://api.first.org/data/v1/epss?cve=CVE-2012-3451
epss 0.10224 https://api.first.org/data/v1/epss?cve=CVE-2012-3451
epss 0.10224 https://api.first.org/data/v1/epss?cve=CVE-2012-3451
epss 0.10224 https://api.first.org/data/v1/epss?cve=CVE-2012-3451
epss 0.10224 https://api.first.org/data/v1/epss?cve=CVE-2012-3451
epss 0.10224 https://api.first.org/data/v1/epss?cve=CVE-2012-3451
epss 0.10224 https://api.first.org/data/v1/epss?cve=CVE-2012-3451
epss 0.10224 https://api.first.org/data/v1/epss?cve=CVE-2012-3451
epss 0.10224 https://api.first.org/data/v1/epss?cve=CVE-2012-3451
epss 0.10224 https://api.first.org/data/v1/epss?cve=CVE-2012-3451
epss 0.10224 https://api.first.org/data/v1/epss?cve=CVE-2012-3451
epss 0.10224 https://api.first.org/data/v1/epss?cve=CVE-2012-3451
epss 0.10224 https://api.first.org/data/v1/epss?cve=CVE-2012-3451
epss 0.10224 https://api.first.org/data/v1/epss?cve=CVE-2012-3451
epss 0.10224 https://api.first.org/data/v1/epss?cve=CVE-2012-3451
epss 0.16104 https://api.first.org/data/v1/epss?cve=CVE-2012-3451
generic_textual HIGH https://bugzilla.redhat.com/show_bug.cgi?id=851896
generic_textual MODERATE http://secunia.com/advisories/51607
generic_textual HIGH https://exchange.xforce.ibmcloud.com/vulnerabilities/78734
cvssv3.1_qr HIGH https://github.com/advisories/GHSA-55j7-f5wf-43m4
cvssv3.1 3.7 https://github.com/apache/cxf
generic_textual LOW https://github.com/apache/cxf
generic_textual HIGH https://github.com/apache/cxf/commit/7230648f96573820d5bfa82c92c637391b448897
generic_textual HIGH https://github.com/apache/cxf/commit/878fe37f0b09888a42005fedc725ce497b5a694a
generic_textual HIGH https://github.com/apache/cxf/commit/9c70abe28fbf2b4c4df0b93ed12295ea5a012554
generic_textual HIGH https://github.com/apache/cxf/commit/deeeaa95a861b355068ca6febc7aa02a4a8c51e5
cvssv3.1 6.1 https://lists.apache.org/thread.html/r36e44ffc1a9b365327df62cdfaabe85b9a5637de102cea07d79b2dbf@%3Ccommits.cxf.apache.org%3E
generic_textual MODERATE https://lists.apache.org/thread.html/r36e44ffc1a9b365327df62cdfaabe85b9a5637de102cea07d79b2dbf@%3Ccommits.cxf.apache.org%3E
cvssv3.1 9.8 https://lists.apache.org/thread.html/r36e44ffc1a9b365327df62cdfaabe85b9a5637de102cea07d79b2dbf%40%3Ccommits.cxf.apache.org%3E
generic_textual MODERATE https://lists.apache.org/thread.html/r36e44ffc1a9b365327df62cdfaabe85b9a5637de102cea07d79b2dbf%40%3Ccommits.cxf.apache.org%3E
cvssv3.1 9.8 https://lists.apache.org/thread.html/rc774278135816e7afc943dc9fc78eb0764f2c84a2b96470a0187315c@%3Ccommits.cxf.apache.org%3E
generic_textual CRITICAL https://lists.apache.org/thread.html/rc774278135816e7afc943dc9fc78eb0764f2c84a2b96470a0187315c@%3Ccommits.cxf.apache.org%3E
cvssv3.1 9.8 https://lists.apache.org/thread.html/rc774278135816e7afc943dc9fc78eb0764f2c84a2b96470a0187315c%40%3Ccommits.cxf.apache.org%3E
generic_textual MODERATE https://lists.apache.org/thread.html/rc774278135816e7afc943dc9fc78eb0764f2c84a2b96470a0187315c%40%3Ccommits.cxf.apache.org%3E
cvssv3.1 5.3 https://lists.apache.org/thread.html/rd49aabd984ed540c8ff7916d4d79405f3fa311d2fdbcf9ed307839a6@%3Ccommits.cxf.apache.org%3E
generic_textual MODERATE https://lists.apache.org/thread.html/rd49aabd984ed540c8ff7916d4d79405f3fa311d2fdbcf9ed307839a6@%3Ccommits.cxf.apache.org%3E
cvssv3.1 9.8 https://lists.apache.org/thread.html/rd49aabd984ed540c8ff7916d4d79405f3fa311d2fdbcf9ed307839a6%40%3Ccommits.cxf.apache.org%3E
generic_textual MODERATE https://lists.apache.org/thread.html/rd49aabd984ed540c8ff7916d4d79405f3fa311d2fdbcf9ed307839a6%40%3Ccommits.cxf.apache.org%3E
cvssv3.1 7.5 https://lists.apache.org/thread.html/rec7160382badd3ef4ad017a22f64a266c7188b9ba71394f0d321e2d4@%3Ccommits.cxf.apache.org%3E
generic_textual HIGH https://lists.apache.org/thread.html/rec7160382badd3ef4ad017a22f64a266c7188b9ba71394f0d321e2d4@%3Ccommits.cxf.apache.org%3E
cvssv3.1 9.8 https://lists.apache.org/thread.html/rec7160382badd3ef4ad017a22f64a266c7188b9ba71394f0d321e2d4%40%3Ccommits.cxf.apache.org%3E
generic_textual MODERATE https://lists.apache.org/thread.html/rec7160382badd3ef4ad017a22f64a266c7188b9ba71394f0d321e2d4%40%3Ccommits.cxf.apache.org%3E
cvssv3.1 7.5 https://lists.apache.org/thread.html/rfb87e0bf3995e7d560afeed750fac9329ff5f1ad49da365129b7f89e@%3Ccommits.cxf.apache.org%3E
generic_textual HIGH https://lists.apache.org/thread.html/rfb87e0bf3995e7d560afeed750fac9329ff5f1ad49da365129b7f89e@%3Ccommits.cxf.apache.org%3E
cvssv3.1 9.8 https://lists.apache.org/thread.html/rfb87e0bf3995e7d560afeed750fac9329ff5f1ad49da365129b7f89e%40%3Ccommits.cxf.apache.org%3E
generic_textual MODERATE https://lists.apache.org/thread.html/rfb87e0bf3995e7d560afeed750fac9329ff5f1ad49da365129b7f89e%40%3Ccommits.cxf.apache.org%3E
cvssv3.1 6.1 https://lists.apache.org/thread.html/rff42cfa5e7d75b7c1af0e37589140a8f1999e578a75738740b244bd4@%3Ccommits.cxf.apache.org%3E
generic_textual MODERATE https://lists.apache.org/thread.html/rff42cfa5e7d75b7c1af0e37589140a8f1999e578a75738740b244bd4@%3Ccommits.cxf.apache.org%3E
cvssv3.1 9.8 https://lists.apache.org/thread.html/rff42cfa5e7d75b7c1af0e37589140a8f1999e578a75738740b244bd4%40%3Ccommits.cxf.apache.org%3E
generic_textual MODERATE https://lists.apache.org/thread.html/rff42cfa5e7d75b7c1af0e37589140a8f1999e578a75738740b244bd4%40%3Ccommits.cxf.apache.org%3E
cvssv2 4.3 https://nvd.nist.gov/vuln/detail/CVE-2012-3451
generic_textual HIGH http://svn.apache.org/viewvc?view=revision&revision=1368559
Reference id Reference type URL
http://cxf.apache.org/cve-2012-3451.html
http://rhn.redhat.com/errata/RHSA-2012-1591.html
http://rhn.redhat.com/errata/RHSA-2012-1592.html
http://rhn.redhat.com/errata/RHSA-2012-1594.html
http://rhn.redhat.com/errata/RHSA-2013-0256.html
http://rhn.redhat.com/errata/RHSA-2013-0257.html
http://rhn.redhat.com/errata/RHSA-2013-0258.html
http://rhn.redhat.com/errata/RHSA-2013-0259.html
http://rhn.redhat.com/errata/RHSA-2013-0726.html
http://rhn.redhat.com/errata/RHSA-2013-0743.html
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-3451.json
https://api.first.org/data/v1/epss?cve=CVE-2012-3451
https://bugzilla.redhat.com/show_bug.cgi?id=851896
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-3451
http://secunia.com/advisories/51607
http://secunia.com/advisories/52183
https://exchange.xforce.ibmcloud.com/vulnerabilities/78734
https://github.com/apache/cxf
https://github.com/apache/cxf/commit/7230648f96573820d5bfa82c92c637391b448897
https://github.com/apache/cxf/commit/878fe37f0b09888a42005fedc725ce497b5a694a
https://github.com/apache/cxf/commit/9c70abe28fbf2b4c4df0b93ed12295ea5a012554
https://github.com/apache/cxf/commit/deeeaa95a861b355068ca6febc7aa02a4a8c51e5
https://lists.apache.org/thread.html/r36e44ffc1a9b365327df62cdfaabe85b9a5637de102cea07d79b2dbf@%3Ccommits.cxf.apache.org%3E
https://lists.apache.org/thread.html/r36e44ffc1a9b365327df62cdfaabe85b9a5637de102cea07d79b2dbf%40%3Ccommits.cxf.apache.org%3E
https://lists.apache.org/thread.html/rc774278135816e7afc943dc9fc78eb0764f2c84a2b96470a0187315c@%3Ccommits.cxf.apache.org%3E
https://lists.apache.org/thread.html/rc774278135816e7afc943dc9fc78eb0764f2c84a2b96470a0187315c%40%3Ccommits.cxf.apache.org%3E
https://lists.apache.org/thread.html/rd49aabd984ed540c8ff7916d4d79405f3fa311d2fdbcf9ed307839a6@%3Ccommits.cxf.apache.org%3E
https://lists.apache.org/thread.html/rd49aabd984ed540c8ff7916d4d79405f3fa311d2fdbcf9ed307839a6%40%3Ccommits.cxf.apache.org%3E
https://lists.apache.org/thread.html/rec7160382badd3ef4ad017a22f64a266c7188b9ba71394f0d321e2d4@%3Ccommits.cxf.apache.org%3E
https://lists.apache.org/thread.html/rec7160382badd3ef4ad017a22f64a266c7188b9ba71394f0d321e2d4%40%3Ccommits.cxf.apache.org%3E
https://lists.apache.org/thread.html/rfb87e0bf3995e7d560afeed750fac9329ff5f1ad49da365129b7f89e@%3Ccommits.cxf.apache.org%3E
https://lists.apache.org/thread.html/rfb87e0bf3995e7d560afeed750fac9329ff5f1ad49da365129b7f89e%40%3Ccommits.cxf.apache.org%3E
https://lists.apache.org/thread.html/rff42cfa5e7d75b7c1af0e37589140a8f1999e578a75738740b244bd4@%3Ccommits.cxf.apache.org%3E
https://lists.apache.org/thread.html/rff42cfa5e7d75b7c1af0e37589140a8f1999e578a75738740b244bd4%40%3Ccommits.cxf.apache.org%3E
http://svn.apache.org/viewvc?view=revision&revision=1368559
cpe:2.3:a:apache:cxf:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:cxf:*:*:*:*:*:*:*:*
CVE-2012-3451 https://nvd.nist.gov/vuln/detail/CVE-2012-3451
GHSA-55j7-f5wf-43m4 https://github.com/advisories/GHSA-55j7-f5wf-43m4
RHSA-2012:1591 https://access.redhat.com/errata/RHSA-2012:1591
RHSA-2012:1592 https://access.redhat.com/errata/RHSA-2012:1592
RHSA-2012:1594 https://access.redhat.com/errata/RHSA-2012:1594
RHSA-2013:0256 https://access.redhat.com/errata/RHSA-2013:0256
RHSA-2013:0257 https://access.redhat.com/errata/RHSA-2013:0257
RHSA-2013:0258 https://access.redhat.com/errata/RHSA-2013:0258
RHSA-2013:0259 https://access.redhat.com/errata/RHSA-2013:0259
RHSA-2013:0726 https://access.redhat.com/errata/RHSA-2013:0726
RHSA-2013:0743 https://access.redhat.com/errata/RHSA-2013:0743
No exploits are available.
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L Found at https://github.com/apache/cxf
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Found at https://lists.apache.org/thread.html/r36e44ffc1a9b365327df62cdfaabe85b9a5637de102cea07d79b2dbf@%3Ccommits.cxf.apache.org%3E
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Found at https://lists.apache.org/thread.html/r36e44ffc1a9b365327df62cdfaabe85b9a5637de102cea07d79b2dbf%40%3Ccommits.cxf.apache.org%3E
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Found at https://lists.apache.org/thread.html/rc774278135816e7afc943dc9fc78eb0764f2c84a2b96470a0187315c@%3Ccommits.cxf.apache.org%3E
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Found at https://lists.apache.org/thread.html/rc774278135816e7afc943dc9fc78eb0764f2c84a2b96470a0187315c%40%3Ccommits.cxf.apache.org%3E
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N Found at https://lists.apache.org/thread.html/rd49aabd984ed540c8ff7916d4d79405f3fa311d2fdbcf9ed307839a6@%3Ccommits.cxf.apache.org%3E
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Found at https://lists.apache.org/thread.html/rd49aabd984ed540c8ff7916d4d79405f3fa311d2fdbcf9ed307839a6%40%3Ccommits.cxf.apache.org%3E
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://lists.apache.org/thread.html/rec7160382badd3ef4ad017a22f64a266c7188b9ba71394f0d321e2d4@%3Ccommits.cxf.apache.org%3E
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Found at https://lists.apache.org/thread.html/rec7160382badd3ef4ad017a22f64a266c7188b9ba71394f0d321e2d4%40%3Ccommits.cxf.apache.org%3E
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://lists.apache.org/thread.html/rfb87e0bf3995e7d560afeed750fac9329ff5f1ad49da365129b7f89e@%3Ccommits.cxf.apache.org%3E
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Found at https://lists.apache.org/thread.html/rfb87e0bf3995e7d560afeed750fac9329ff5f1ad49da365129b7f89e%40%3Ccommits.cxf.apache.org%3E
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Found at https://lists.apache.org/thread.html/rff42cfa5e7d75b7c1af0e37589140a8f1999e578a75738740b244bd4@%3Ccommits.cxf.apache.org%3E
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Found at https://lists.apache.org/thread.html/rff42cfa5e7d75b7c1af0e37589140a8f1999e578a75738740b244bd4%40%3Ccommits.cxf.apache.org%3E
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N Found at https://nvd.nist.gov/vuln/detail/CVE-2012-3451
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Exploit Prediction Scoring System (EPSS)
Percentile 0.55138
EPSS Score 0.00173
Published At Nov. 1, 2024, midnight
Date Actor Action Source VulnerableCode Version
There are no relevant records.