7.5

CVSS Score

3.0

Basic Information

CVE ID

CVE-2017-5656

GHSA ID

GHSA-v936-x3j5-c76j

EPSS Score

0.87589%

CWE

CWE-384

Published

5/13/2022

Updated

12/21/2023

KEV Status

Technology

Java

Concerned about an active attack path?

Talk to our security experts and see Miggo in action.

Miggo Vulnerability Database

→

CVE-2017-5656

CVE-2017-5656: Session Fixation in Apache CXF

Apache CXF's STSClient before 3.1.11 and 3.0.13 uses a flawed way of caching tokens that are associated with delegation tokens, which means that an attacker could craft a token which would return an identifer corresponding to a cached token for another user.

(GitHub Advisory)

7.5

CVSS Score

3.0

Basic Information

CVE ID

CVE-2017-5656

GHSA ID

GHSA-v936-x3j5-c76j

EPSS Score

0.87589%

CWE

CWE-384

Published

5/13/2022

Updated

12/21/2023

KEV Status

Technology

Java

Technical Details

CVSS Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Package Name	Ecosystem	Vulnerable Versions	First Patched Version
org.apache.cxf:cxf-core	maven	>= 3.1.0, <= 3.1.10	3.1.11
org.apache.cxf:cxf-core	maven	<= 3.0.12	3.0.13

Vulnerability Intelligence
Miggo AI

Root Cause Analysis

The vulnerability stems from how delegation token identifiers were generated for caching. The commit 1a4fe22fc297f8be204788bcdfcd498e91201a01 specifically modifies the getIdFromToken method to implement secure hashing (SHA-256) for BinarySecurityTokens and proper handling of SAML/UsernameTokens. The original implementation's reliance on mutable/extractable attributes like 'Id' and 'AssertionID' without cryptographic uniqueness made it vulnerable to identifier collisions, which is explicitly addressed in the patch.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

*p**** *X*'s STS*li*nt ***or* *.*.** *n* *.*.** us*s * *l*w** w*y o* ****in* tok*ns t**t *r* *sso*i*t** wit* **l***tion tok*ns, w*i** m**ns t**t *n *tt**k*r *oul* *r**t * tok*n w*i** woul* r*turn *n i**nti**r *orr*spon*in* to * ****** tok*n *or *not*

Reasoning

T** vuln*r**ility st*ms *rom *ow **l***tion tok*n i**nti*i*rs w*r* **n*r*t** *or ****in*. T** *ommit **************************************** sp**i*i**lly mo*i*i*s t** `**tI**romTok*n` m*t*o* to impl*m*nt s**ur* **s*in* (S**-***) *or *in*ryS**urityTo

7.5

Basic Information

Concerned about an active attack path?

CVE-2017-5656: Session Fixation in Apache CXF

7.5

Basic Information

Technical Details

Vulnerability IntelligenceMiggo AI

Root Cause Analysis

Vulnerable functions

WAF Protection Rules

WAF Rule

Reasoning

Vulnerability Intelligence
Miggo AI