CVE-2016-4464 is a vulnerability in Apache Cxf Fediz
Published on September 21, 2016

The application plugins in Apache CXF Fediz 1.2.x before 1.2.3 and 1.3.x before 1.3.1 do not match SAML AudienceRestriction values against configured audience URIs, which might allow remote attackers to have bypass intended restrictions and have unspecified other impact via a crafted SAML token with a trusted signature.

NVD

Products Associated with CVE-2016-4464

Want to know whenever a new CVE is published for Apache Cxf Fediz? stack.watch will email you.

Apache Cxf Fediz

Exploit Probability

EPSS

2.06%

Percentile

83.70%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2016-4464 is a vulnerability in Apache Cxf FedizPublished on September 21, 2016

Products Associated with CVE-2016-4464

Exploit Probability

CVE-2016-4464 is a vulnerability in Apache Cxf Fediz
Published on September 21, 2016