Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Jboss EAP Improper Input Validation Vulnerability - CVE-2014-0034 - Vulnerability Database
Jboss EAP

Jboss EAP Improper Input Validation Vulnerability - CVE-2014-0034

Medium
Reference: CVE-2014-0034
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2014-0034
Title: Jboss EAP Improper Input Validation Vulnerability
Overview:

The SecurityTokenService (STS) in Apache CXF before 2.6.12 and 2.7.x before 2.7.9 does not properly validate SAML tokens when caching is enabled which allows remote attackers to gain access via an invalid SAML token.