CVE Vulnerabilities

CVE-2014-0035

Published: Jul 07, 2014 | Modified: Nov 07, 2023
CVSS 3.x: N/A
Source: NVD
CVSS 2.x: 4.3 MEDIUM (AV:N/AC:M/Au:N/C:P/I:N/A:N)

The SymmetricBinding in Apache CXF before 2.6.13 and 2.7.x before 2.7.10, when EncryptBeforeSigning is enabled and the UsernameToken policy is set to an EncryptedSupportingToken, transmits the UsernameToken in cleartext, which allows remote attackers to obtain sensitive information by sniffing the network.

Affected Software

Name  Vendor  Start Version  End Version
Cxf   Apache  *              2.6.12
Cxf   Apache  2.6.8          2.6.8
Cxf   Apache  2.6.0          2.6.0
Cxf   Apache  2.6.2          2.6.2
Cxf   Apache  2.6.9          2.6.9
Cxf   Apache  2.6.5          2.6.5
Cxf   Apache  2.6.10         2.6.10
Cxf   Apache  2.6.6          2.6.6
Cxf   Apache  2.6.3          2.6.3
Cxf   Apache  2.6.4          2.6.4
Cxf   Apache  2.6.11         2.6.11
Cxf   Apache  2.6.1          2.6.1
Cxf   Apache  2.6.7          2.6.7
