CVE-2011-2487

Home/CVE/The implementations of PKCS#1 v1.5 key transport mechanism for XMLEncryption in JBossWS and Apache WSS4J before 1.6.5 is

CVE

The implementations of PKCS#1 v1.5 key transport mechanism for XMLEncryption in JBossWS and Apache WSS4J before 1.6.5 is

The implementations of PKCS#1 v1.5 key transport mechanism for XMLEncryption in JBossWS and Apache WSS4J before 1.6.5 is susceptible to a Bleichenbacher attack.

MEDIUM · CVSS 5.9 EPSS 0.0049

Monitor

No active-exploitation, high-EPSS, or public-exploit signals - routine patching cadence

Sigma rules0 YARA rules0

⬡

Weakness Classification

CWE-327Use of a Broken or Risky Cryptographic Algorithm

▤

Affected Products & Versions

apache cxf>= 2.4.0 and <= 2.4.6
apache cxf>= 2.5.0 and <= 2.5.2
apache wss4j< 1.6.5
redhat jboss business rules management systemall versions
redhat jboss enterprise application platformall versions
redhat jboss enterprise application platform text-only advisoriesall versions
redhat jboss enterprise soa platformall versions
redhat jboss enterprise web platformall versions
Show all 11 affected productsredhat jboss middleware text-only advisoriesall versions
redhat jboss portalall versions
redhat jboss web servicesall versions

▤

Affected Packages

Language-ecosystem packages (from OSV) tied to this CVE, with the version that fixes it - the dependency-level detail NVD doesn’t carry.

Maven org.apache.ws.security:wss4j MODERATE fixed in 1.6.5

Maven wss4j:wss4j MODERATE fixed in 1.6.5

▣

Scoring & Timeline

5.9

MEDIUM · CVSS v3.1 · secalert@redhat.com

View on NVD

Attack Vector

Network Adjacent Local Physical

Attack Complexity

Low High

Privileges Required

None Low High

User Interaction

None Required

Scope

Unchanged Changed

Confidentiality

None Low High

Integrity

None Low High

Availability

None Low High

Published to NVD11 Mar 2020 · 04:15 PM

CVSS VectorCVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

⚑

Vendor Advisories

rhsaRHSA-2016:1376Critical
rhsaRHSA-2015:1176Important
rhsaRHSA-2015:0846Important
rhsaRHSA-2015:0847Important
rhsaRHSA-2015:0848Important
Show all 30 vendor advisoriesrhsaRHSA-2015:0849Moderate
rhsaRHSA-2015:1009Low
rhsaRHSA-2015:1177Important
rhsaRHSA-2015:0773Important
rhsaRHSA-2013:1437Moderate
rhsaRHSA-2013:1028Moderate
rhsaRHSA-2013:0833Low
rhsaRHSA-2013:0834Low
rhsaRHSA-2013:0839Low
rhsaRHSA-2013:0953Important
rhsaRHSA-2013:0875Important
rhsaRHSA-2013:0874Important
rhsaRHSA-2013:0873Important
rhsaRHSA-2013:0943Important
rhsaRHSA-2013:0876Important
rhsaRHSA-2013:1006Important
rhsaRHSA-2013:0533Important
rhsaRHSA-2013:0195Moderate
rhsaRHSA-2013:0194Moderate
rhsaRHSA-2013:0196Moderate
rhsaRHSA-2013:0191Moderate
rhsaRHSA-2013:0192Moderate
rhsaRHSA-2013:0221Moderate
rhsaRHSA-2013:0198Moderate
rhsaRHSA-2013:0197Important

🔗

References & Sources

Source URLs (vendor pages, mailing lists, write-ups). Exploit/PoC links are in their own section above to avoid duplication.

http://cxf.apache.org/note-on-cve-2011-2487.htmlVendor Advisory

http://rhn.redhat.com/errata/RHSA-2013-0191.htmlPatchVendor Advisory

http://rhn.redhat.com/errata/RHSA-2013-0192.htmlPatchVendor Advisory

http://rhn.redhat.com/errata/RHSA-2013-0193.htmlBroken LinkPatchVendor Advisory

http://rhn.redhat.com/errata/RHSA-2013-0194.htmlPatchVendor Advisory

http://rhn.redhat.com/errata/RHSA-2013-0195.htmlPatchVendor Advisory

Show all 18 references

http://rhn.redhat.com/errata/RHSA-2013-0196.htmlPatchVendor Advisory

http://rhn.redhat.com/errata/RHSA-2013-0198.htmlPatchVendor Advisory

http://rhn.redhat.com/errata/RHSA-2013-0221.htmlPatchVendor Advisory

http://www.securityfocus.com/bid/57549Third Party AdvisoryVDB Entry

https://bugzilla.redhat.com/show_bug.cgi?id=713539Issue TrackingPatchVendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/81737VDB EntryVendor Advisory

https://lists.apache.org/thread.html/r36e44ffc1a9b365327df62cdfaabe85b9a5637de102cea07d79b2dbf%40%3Ccommits.cxf.apache.org%3E

https://lists.apache.org/thread.html/rd49aabd984ed540c8ff7916d4d79405f3fa311d2fdbcf9ed307839a6%40%3Ccommits.cxf.apache.org%3E

https://lists.apache.org/thread.html/rec7160382badd3ef4ad017a22f64a266c7188b9ba71394f0d321e2d4%40%3Ccommits.cxf.apache.org%3E

https://lists.apache.org/thread.html/rfb87e0bf3995e7d560afeed750fac9329ff5f1ad49da365129b7f89e%40%3Ccommits.cxf.apache.org%3E

https://lists.apache.org/thread.html/rff42cfa5e7d75b7c1af0e37589140a8f1999e578a75738740b244bd4%40%3Ccommits.cxf.apache.org%3E

https://www.nds.ruhr-uni-bochum.de/research/publications/breaking-xml-encryption-pkcs15/Technical DescriptionThird Party Advisory

Intelligence Graph · click any node to traverse

CVETechnique ActorTool Family

drag to reposition · click any node to traverse · button top-right enlarges

External lookups - second-class, for what we don’t hold ourselves

NVD CVE.org CISA Vulners Exploit-DB GitHub PoC VulnCheck KEV GreyNoise

Vulnerabilities
CISA KEV catalog
CWE weaknesses
CAPEC attack patterns
Package vulnerabilities

Threat intelligence
Threat actors
Tools & malware
ATT&CK techniques
IOCs

Detection & defense
Sigma rules
YARA rules
Atomic Red Team tests
D3FEND countermeasures

Compliance
NIST 800-53
ISO 27001:2022
SOC 2 TSC
PCI-DSS v4.0
CIS Controls v8.1

About
All capabilities
Live statistics
Data sources
Privacy policy
Terms of service

threatengine.sh · Open-source threat intelligence platform · 100+ authoritative sources · Every fact traces to its origin