-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

CVE-2015-5253: Apache CXF SAML SSO processing is vulnerable to a wrapping attack

Severity: Major

Vendor: The Apache Software Foundation

Versions Affected:
This vulnerability affects all versions of Apache CXF prior to 3.1.3, 3.0.7 and 2.7.18.

Description:
Apache CXF offers a module that adds support for SAML SSO to a JAX-RS endpoint.
It is possible to construct a SAML Response by means of a wrapping attack that
allows a malicious user to log in instead of the principal extracted from the
signed SAML assertion.

This has been fixed in revision:
https://git-wip-us.apache.org/repos/asf?p=cxf.git;a=commit;h=845eccb6484b43ba02875c71e824db23ae4f20c0

Migration:
CXF 2.7.x users should upgrade to 2.7.18 or later as soon as possible.
CXF 3.0.x users should upgrade to 3.0.7 or later as soon as possible.
CXF 3.1.x users should upgrade to 3.1.3 or later as soon as possible.

References:
http://cxf.apache.org/security-advisories.html

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQEcBAEBAgAGBQJWQy+4AAoJEGe/gLEK1TmDRiUIALQIwSJBJU7c+p4hqlgbYfSK
Kn0wnTw91xSQmXZzn7JnB76EECZXOubEBtpvszSjawetRvHHIhjkgowEzKFbKDXQ
xHiy7v2SwTmbSyAUcJQ069velrW86aEUaQlUPB4pHWjTvCvFgDiZLncLKG9wGya5
A3jdRldZmKOJ3Niv2D2NZsZqzDVDo1OyS/RtBOgeW+KcovIgcUeIgo8SWakuPf6v
gk3ZtRa8wMKcgAjY7S1Tm+aQVBh4m2cNT+obn48C1Sq2g7mQXEGuvP3VaF7Gbo+m
zvrbbz++GxC5PPXv3qjBZH2o2Q/IdsiSAtRe+6vVUVQniFJzXkZHor2biUZVnFs=
=b3bL
-----END PGP SIGNATURE-----
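The advisory describes the class of bug (an XML Signature Wrapping attack against a SAML Response) without showing the mechanics. The following is an added illustration written for this page, not code from Apache CXF and not a reproduction of the exact CXF defect or of the fix in the referenced commit. It builds a constructed SAML Response in which a signed Assertion for "alice" is preserved intact (so the signature still verifies) while an unsigned Assertion for "attacker" is placed first in document order. A consumer that verifies the signature and then reads the Subject from "the" Assertion picks up the attacker; a consumer that derives the principal only from the element the signature's Reference actually covers does not. All names (`build_response`, `signed_element`, `principal_naive`, `principal_hardened`, the IDs `_signed`/`_forged`, the issuer URL, the NameIDs) are assumptions for the example; the digest check is a deliberate simplification of XMLDSig (no C14N, no key-based SignatureValue verification) that is enough to show which element the signature binds to.

```python
"""Added example: XML Signature Wrapping against a SAML Response and the
binding check that defeats it. Sample Response and all identifiers are
constructed for illustration; digest handling is a simplified stand-in for
XMLDSig (no canonicalisation, no public-key verification)."""
import base64
import copy
import hashlib
import xml.etree.ElementTree as ET

NS = {
    "samlp": "urn:oasis:names:tc:SAML:2.0:protocol",
    "saml": "urn:oasis:names:tc:SAML:2.0:assertion",
    "ds": "http://www.w3.org/2000/09/xmldsig#",
}
for _prefix, _uri in NS.items():
    ET.register_namespace(_prefix, _uri)

SIGNATURE_TAG = "{%s}Signature" % NS["ds"]
ASSERTION_TAG = "{%s}Assertion" % NS["saml"]

# Constructed sample: the attacker-injected Assertion carries no signature.
FORGED_ASSERTION = """
  <saml:Assertion ID="_forged" Version="2.0" IssueInstant="2015-11-11T00:00:00Z">
    <saml:Issuer>https://idp.example.org</saml:Issuer>
    <saml:Subject><saml:NameID>attacker</saml:NameID></saml:Subject>
  </saml:Assertion>"""

# Constructed sample: the genuine, signed Assertion is left untouched so the
# Reference URI="#_signed" still resolves and its digest still matches.
RESPONSE_TEMPLATE = """<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
    xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
    xmlns:ds="http://www.w3.org/2000/09/xmldsig#" ID="_resp" Version="2.0">{forged}
  <saml:Assertion ID="_signed" Version="2.0" IssueInstant="2015-11-11T00:00:00Z">
    <saml:Issuer>https://idp.example.org</saml:Issuer>
    <ds:Signature>
      <ds:SignedInfo>
        <ds:Reference URI="#_signed"><ds:DigestValue>{digest}</ds:DigestValue></ds:Reference>
      </ds:SignedInfo>
      <ds:SignatureValue>c2lnbmF0dXJl</ds:SignatureValue>
    </ds:Signature>
    <saml:Subject><saml:NameID>alice</saml:NameID></saml:Subject>
  </saml:Assertion>
</samlp:Response>"""


def enveloped_digest(element):
    """Simplified enveloped digest: serialise the element with its own
    ds:Signature child removed and SHA-256 it (real XMLDSig applies C14N)."""
    clone = copy.deepcopy(element)
    clone.tail = None
    for sig in clone.findall("ds:Signature", NS):
        clone.remove(sig)
    raw = ET.tostring(clone, encoding="utf-8")
    return base64.b64encode(hashlib.sha256(raw).digest()).decode()


def find_by_id(root, element_id):
    """Same-document ID lookup; an ambiguous ID is itself a wrapping smell."""
    matches = [e for e in root.iter() if e.get("ID") == element_id]
    if len(matches) != 1:
        raise ValueError("ID %r must resolve to exactly one element" % element_id)
    return matches[0]


def build_response(include_forged):
    """Construct the sample Response; the digest is computed over the signed
    Assertion first (the Signature is excluded, so the placeholder is harmless)."""
    forged = FORGED_ASSERTION if include_forged else ""
    draft = ET.fromstring(RESPONSE_TEMPLATE.format(forged=forged, digest="PLACEHOLDER"))
    digest = enveloped_digest(find_by_id(draft, "_signed"))
    return ET.fromstring(RESPONSE_TEMPLATE.format(forged=forged, digest=digest))


def signed_element(response):
    """Return the one element the enveloped signature actually covers."""
    sigs = list(response.iter(SIGNATURE_TAG))
    if len(sigs) != 1:
        raise ValueError("expected exactly one ds:Signature")
    ref = sigs[0].find("ds:SignedInfo/ds:Reference", NS)
    uri = ref.get("URI", "")
    if not uri.startswith("#"):
        raise ValueError("only same-document references are supported")
    target = find_by_id(response, uri[1:])
    if sigs[0] not in list(target):  # must be enveloped in what it references
        raise ValueError("signature is not enveloped in the element it references")
    if enveloped_digest(target) != ref.findtext("ds:DigestValue", namespaces=NS):
        raise ValueError("digest mismatch")
    return target


def principal_naive(response):
    """Vulnerable pattern: the signature is verified, but the Subject is read
    from whichever saml:Assertion comes first in document order."""
    signed_element(response)
    assertion = response.find(".//saml:Assertion", NS)
    return assertion.findtext("saml:Subject/saml:NameID", namespaces=NS)


def principal_hardened(response):
    """Principal comes only from the signed element; any other Assertion in
    the Response is rejected outright (a policy assumed for this example)."""
    target = signed_element(response)
    if target.tag != ASSERTION_TAG:
        raise ValueError("signature does not cover a saml:Assertion")
    if any(a is not target for a in response.iter(ASSERTION_TAG)):
        raise ValueError("unsigned saml:Assertion present alongside the signed one")
    return target.findtext("saml:Subject/saml:NameID", namespaces=NS)


if __name__ == "__main__":
    wrapped = build_response(include_forged=True)
    print("naive login as:", principal_naive(wrapped))
    try:
        principal_hardened(wrapped)
    except ValueError as exc:
        print("hardened rejected:", exc)
    print("hardened login as:", principal_hardened(build_response(include_forged=False)))
```

The check that matters is the last one: the verifier must hand back the element it validated, and the principal must be taken from that element and nothing else. Verifying "a signature" and then locating "an Assertion" by a separate XPath or document-order lookup is exactly the decoupling a wrapping attack exploits, regardless of how strong the signature itself is.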