Bug 1093529 (CVE-2014-0034)
| Field | Value | Field | Value |
|---|---|---|---|
| Summary | CVE-2014-0034 Apache CXF: The SecurityTokenService accepts certain invalid SAML Tokens as valid | | |
| Product | [Other] Security Response | Reporter | Arun Babu Neelicattu <aneelica> |
| Component | vulnerability | Assignee | Red Hat Product Security <security-response-team> |
| Status | CLOSED ERRATA | QA Contact | |
| Severity | medium | Docs Contact | |
| Priority | medium | | |
| Version | unspecified | CC | aileenc, alazarot, anil.saldhana, bdawidow, bleanhar, brms-jira, ccoleman, cdewolf, chazlett, dandread, darran.lofthouse, dmcphers, epp-bugs, etirelli, grocha, gvarsami, hfnukal, jason.greene, jawilson, jcoleman, jdetiber, jialiu, jkeck, jokerman, jpallich, kconner, kseifried, ldimaggi, lgao, lmeyer, lpetrovi, mbaluch, mgoldman, mmccomas, mwinkler, myarboro, nwallace, pavelp, pcheung, pgier, pslavice, rrajasek, rsvoboda, rwagner, rzhang, soa-p-jira, tcunning, theute, tkirby, twalsh, vtunka, weli |
| Target Milestone | --- | Keywords | Security |
| Target Release | --- | | |
| Hardware | All | | |
| OS | Linux | | |
| Whiteboard | | | |
| Fixed In Version | cxf 2.6.14, cxf 2.7.11 | Doc Type | Bug Fix |
| Doc Text | It was found that the SecurityTokenService (STS), provided as a part of Apache CXF, could under certain circumstances accept invalid SAML tokens as valid. A remote attacker could use a specially crafted SAML token to gain access to an application that uses STS for validation of SAML tokens. | | |
| Story Points | --- | | |
| Clone Of | | Environment | |
| Last Closed | 2016-07-12 23:18:15 UTC | Type | --- |
| Regression | --- | Mount Type | --- |
| Documentation | --- | CRM | |
| Verified Versions | | Category | --- |
| oVirt Team | --- | RHEL 7.3 requirements from Atomic Host | |
| Cloudforms Team | --- | Target Upstream Version | |
| Embargoed | | | |
| Bug Depends On | 1095492, 1095527, 1095528, 1095529, 1095530, 1095531, 1095532, 1095533, 1166940, 1166941, 1166942, 1167713 | | |
| Bug Blocks | 1059445, 1082938, 1093532, 1108493, 1210482 | | |
Description
Arun Babu Neelicattu
2014-05-02 01:42:22 UTC
This issue has been addressed in the following products: Red Hat JBoss Enterprise Application Platform 6.2.4
Via RHSA-2014:0797 https://rhn.redhat.com/errata/RHSA-2014-0797.html

This issue has been addressed in the following products: JBEAP 6.2 for RHEL 5
Via RHSA-2014:0798 https://rhn.redhat.com/errata/RHSA-2014-0798.html

This issue has been addressed in the following products: JBEAP 6.2 for RHEL 6
Via RHSA-2014:0799 https://rhn.redhat.com/errata/RHSA-2014-0799.html

IssueDescription:
It was found that the SecurityTokenService (STS), provided as a part of Apache CXF, could under certain circumstances accept invalid SAML tokens as valid. A remote attacker could use a specially crafted SAML token to gain access to an application that uses STS for validation of SAML tokens.

This issue has been addressed in the following products: Red Hat JBoss Fuse/A-MQ 6.1.0
Via RHSA-2014:1351 https://rhn.redhat.com/errata/RHSA-2014-1351.html

This issue has been addressed in the following products: JBoss BPM Suite 6.1.0
Via RHSA-2015:0851 https://rhn.redhat.com/errata/RHSA-2015-0851.html

This issue has been addressed in the following products: JBoss BRMS 6.1.0
Via RHSA-2015:0850 https://rhn.redhat.com/errata/RHSA-2015-0850.html

jboss-connector-1.6-api-1.0.1-1.fc22, cxf-build-utils-2.6.0-1.fc22, opensaml-java-xmltooling-1.3.4-9.fc22, cxf-xjc-utils-2.6.2-1.fc22, cxf-2.7.11-1.fc22 have been pushed to the Fedora 22 stable repository. If problems still persist, please make note of it in this bug report.

This issue has been addressed in the following products: JBoss Portal 6.2.0
Via RHSA-2015:1009 https://rhn.redhat.com/errata/RHSA-2015-1009.html