----BEGIN PGP SIGNED MESSAGE----
An XML Encryption backwards compatibility attack on Apache CXF is described by
This attack relates to a previous security advisory CVE-2011-1096
(http://cxf.apache.org/note-on-cve-2011-1096.html). CVE-2011-1096 exploited a
cryptographic weakness in the CBC mode of XML Encryption, to conduct chosen
ciphertext attacks leading to the recovery of the entire plaintext. The fix
for CVE-2011-1096 was to switch to use GCM instead of CBC. Please see the note
linked above for more information.
CVE-2012-5575 resurrects the previous attack by relying on the fact that
Apache CXF will attempt to decrypt arbitrary ciphertexts, without first
checking to see if the algorithm corresponds to the given encryption algorithm
defined by the WS-SecurityPolicy AlgorithmSuite definition.
Any version of CXF that uses Apache WSS4J 1.6.7 or below is vulnerable to this
attack. In other words, any version of CXF below 2.5.7, 2.6.4, or 2.7.1.
However due to separate security advisories, we urge CXF users to upgrade to
one of the latest releases as follows:
CXF 2.5.x users should upgrade to CXF 2.5.10.
CXF 2.6.x users should upgrade to CXF 2.6.7.
CXF 2.7.x users should upgrade to CXF 2.7.4.
----BEGIN PGP SIGNATURE----
Version: GnuPG v1.4.11 (GNU/Linux)
----END PGP SIGNATURE----