
CVE-2019-12419

Severity: CRITICAL
CVSS Severity Score: 9.8
EPSS Score: 0.0800%
EPSS Percentile: 1.26th
Published: Nov 6, 2019
Last Modified: Nov 21, 2024

Vulnerability Description

Apache CXF before 3.3.4 and 3.2.11 provides all of the components required to build a fully fledged OpenID Connect service. The access token service does not validate that the authenticated principal matches the clientId parameter supplied in the request. A malicious client that managed to steal an authorization code issued to another client could therefore exchange it for an access token belonging to that other client.

Affected Platforms (CPE)

Apache Cxf: >= 3.2.0 and < 3.2.11
Apache Cxf: >= 3.3.0 and < 3.3.4
Oracle Commerce Guided Search: = 11.3.2
Oracle Enterprise Manager Base Platform: = 13.2.1.0
Oracle Flexcube Private Banking: = 12.0.0
Oracle Flexcube Private Banking: = 12.1.0
Oracle Retail Order Broker: = 15.0

References & Advisories

Related Vulnerabilities