Published: 06/01/2024 Updated: 11/04/2024

CVSS v3 Base Score: 7.2 | Impact Score: 5.9 | Exploitability Score: 1.2

VMScore: 0

** UNSUPPORTED WHEN ASSIGNED ** Improper Input Validation vulnerability in Apache Axis allowed users with access to the admin service to perform possible SSRF This issue affects Apache Axis: up to and including 1.3. As Axis 1 has been EOL we recommend you migrate to a different SOAP engine, such as Apache Axis 2/Java. Alternatively you could use a build of Axis with the patch from github.com/apache/axis-axis1-java/commit/685c309febc64aa393b2d64a05f90e7eb9f73e06 applied. The Apache Axis project does not expect to create an Axis 1.x release fixing this problem, though contributors that would like to work towards this are welcome.

Vulnerable Product	Search on Vulmon	Subscribe to Product
apache axis

Debian Bug report logs - #1060169 axis: CVE-2023-51441 Package: src:axis; Maintainer for src:axis is Debian Java Maintainers <pkg-java-maintainers@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Sat, 6 Jan 2024 20:00:01 UTC Severity: important Tags: security, upstream Found in ...

CWE-918 https://github.com/apache/axis-axis1-java/commit/685c309febc64aa393b2d64a05f90e7eb9f73e06 https://lists.apache.org/thread/8nrm5thop8f82pglx4o0jg8wmvy6d9yd https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1060169 https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2023-51441

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect