The implementations of PKCS#1 v1.5 key transport mechanism for XMLEncryption in JBossWS and Apache WSS4J before 1.6.5 is susceptible to a Bleichenbacher attack.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
History
No history.
Information
Published : 2020-03-11 16:15
Updated : 2024-02-28 17:28
NVD link : CVE-2011-2487
Mitre link : CVE-2011-2487
CVE.ORG link : CVE-2011-2487
JSON object : View
Products Affected
redhat
- jboss_enterprise_soa_platform
- jboss_enterprise_application_platform_text-only_advisories
- jboss_business_rules_management_system
- jboss_middleware_text-only_advisories
- jboss_enterprise_application_platform
- jboss_portal
- jboss_web_services
- jboss_enterprise_web_platform
apache
- cxf
- wss4j
CWE
CWE-327
Use of a Broken or Risky Cryptographic Algorithm