CVE-2013-0239 is a vulnerability in Apache CXF
Published on March 12, 2013

Apache CXF before 2.5.9, 2.6.x before 2.6.6, and 2.7.x before 2.7.3, when the plaintext UsernameToken WS-SecurityPolicy is enabled, allows remote attackers to bypass authentication via a security header of a SOAP request containing a UsernameToken element that lacks a password child element.

Vendor Advisory NVD

Products Associated with CVE-2013-0239

Want to know whenever a new CVE is published for Apache CXF? stack.watch will email you.

Apache CXF

Exploit Probability

EPSS

2.65%

Percentile

85.56%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2013-0239 is a vulnerability in Apache CXFPublished on March 12, 2013

Products Associated with CVE-2013-0239

Exploit Probability

CVE-2013-0239 is a vulnerability in Apache CXF
Published on March 12, 2013