A SSRF vulnerability using the Aegis DataBinding in versions of Apache CXF before 4.0.4, 3.6.3 and 3.5.8 allows an attacker to perform SSRF style attacks on webservices that take at least one parameter of any type. Users of other data bindings (including the default databinding) are not impacted.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:NApache Cxf
APPApache< 3.5.83.6.0 – 3.6.3 (bez)4.0.0 – 4.0.4 (bez)Netapp Oncommand Workflow Automation
APPNetappwszystkie wersjeNetapp Ontap Tools
APPNetapp10
🟢
PATCH AVAILABLE
Vendor update available. Deploy in standard maintenance cycle.
Tags
SSRF
References
Related vulnerabilities
CVE-2021-44228CRITICAL10.0⚠ KEVten sam produkt
Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features u...
CVE-2016-3427CRITICAL9.8⚠ KEVten sam produkt
Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77; Java SE Embedded 8u77; and JRockit R28.3.9 ...
CVE-2026-49875CRITICAL9.8PL ✓ten sam produkt
Apache CXF: podatność XXE w EndpointReferenceUtils i W3CMultiSchemaFactory
CVE-2026-50627CRITICAL9.1PL ✓ten sam produkt
Apache CXF: brak weryfikacji pola 'aud' w tokenach JWT (Token Confusion)
CVE-2026-50628CRITICAL9.8PL ✓ten sam produkt
Apache CXF: błąd logiki w OAuthRequestFilter odwraca weryfikację IP