NVD

Id
86042  
Name
CVE-2017-7661  
Description
Apache CXF Fediz ships with a number of container-specific plugins to enable WS-Federation for applications. A CSRF (Cross Style Request Forgery) style vulnerability has been found in the Spring 2, Spring 3, Jetty 8 and Jetty 9 plugins in Apache CXF Fediz prior to 1.4.0, 1.3.2 and 1.2.4.  
Reject
 
CVSS Version
2  
CVSS Score
6.8  
Severity
Medium  
CVSS Base Score
6.8  
CVSS Impact Subscore
6.4  
CVSS Exploit Subscore
8.6  
CVSS Vector
(AV:N/AC:M/Au:N/C:P/I:P/A:P)  
Pub Date
2017-07-18  
Published
2017-05-16  
Modified Date
2017-07-07  
Seq
2017-7661  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
422630 86042 CVE-2017-0465 98184  View
422631 86042 CVE-2017-0465 https://source.android.com/security/bulletin/2017-05-01  View
422632 86042 CVE-2017-0465 98184  View
422633 86042 CVE-2017-0465 https://source.android.com/security/bulletin/2017-05-01  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
67774 JVNDB-2017-004063 Apache CXF Fediz の複数のプラグインにおけるクロスサイトリクエストフォージェリの脆弱性 Apache CXF Fediz のSpring 2、Spring 3、Jetty 8 および Jetty 9 プラグインには、クロスサイトリクエストフォージェリの脆弱性が存在します。 CVE-2017-7661 0 CVE-2017-7661 86042 6.8 8.8 http://jvndb.jvn.jp/ja/contents/2017/JVNDB-2017-004063.html 2017-05-16 2017-06-15 View