CVE-2011-1096

Description

The W3C XML Encryption Standard, as used in the JBoss Web Services (JBossWS) component in JBoss Enterprise Portal Platform before 5.2.2 and other products, when using block ciphers in cipher-block chaining (CBC) mode, allows remote attackers to obtain plaintext data via a chosen-ciphertext attack on SOAP responses, aka "character encoding pattern attack."

References

Link	Tags
http://aktuell.ruhr-uni-bochum.de/pm2011/pm00330.html.de
http://cxf.apache.org/note-on-cve-2011-1096.html
http://rhn.redhat.com/errata/RHSA-2012-1301.html	vendor advisory
https://bugzilla.redhat.com/show_bug.cgi?id=681916
http://rhn.redhat.com/errata/RHSA-2013-0192.html	vendor advisory
http://rhn.redhat.com/errata/RHSA-2013-0198.html	vendor advisory
http://coheigea.blogspot.com/2012/04/note-on-cve-2011-1096.html
http://rhn.redhat.com/errata/RHSA-2013-0195.html	vendor advisory
http://rhn.redhat.com/errata/RHSA-2013-0221.html	vendor advisory
http://rhn.redhat.com/errata/RHSA-2013-0196.html	vendor advisory
http://rhn.redhat.com/errata/RHSA-2013-1437.html	vendor advisory
http://rhn.redhat.com/errata/RHSA-2013-0193.html	vendor advisory
http://www.securityfocus.com/bid/55770	vdb entry
http://secunia.com/advisories/51984	third party advisory
http://secunia.com/advisories/52054	third party advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/79031	vdb entry
http://rhn.redhat.com/errata/RHSA-2012-1344.html	vendor advisory
http://rhn.redhat.com/errata/RHSA-2013-0261.html	vendor advisory
http://rhn.redhat.com/errata/RHSA-2013-0191.html	vendor advisory
http://rhn.redhat.com/errata/RHSA-2012-1330.html	vendor advisory
http://rhn.redhat.com/errata/RHSA-2013-0197.html	vendor advisory
http://rhn.redhat.com/errata/RHSA-2013-0194.html	vendor advisory
http://dl.acm.org/citation.cfm?id=2046756&dl=ACM&coll=DL
http://www.csoonline.com/article/692366/widely-used-encryption-standard-is-insecure-say-experts
https://lists.apache.org/thread.html/8d5d29747548a24cccdb7f3e2d4d599ffb7ffe4537426b3c9a852cf4%40%3Ccommits.cxf.apache.org%3E	mailing list
https://lists.apache.org/thread.html/rc774278135816e7afc943dc9fc78eb0764f2c84a2b96470a0187315c%40%3Ccommits.cxf.apache.org%3E	mailing list
https://lists.apache.org/thread.html/r36e44ffc1a9b365327df62cdfaabe85b9a5637de102cea07d79b2dbf%40%3Ccommits.cxf.apache.org%3E	mailing list
https://lists.apache.org/thread.html/rff42cfa5e7d75b7c1af0e37589140a8f1999e578a75738740b244bd4%40%3Ccommits.cxf.apache.org%3E	mailing list
https://lists.apache.org/thread.html/rd49aabd984ed540c8ff7916d4d79405f3fa311d2fdbcf9ed307839a6%40%3Ccommits.cxf.apache.org%3E	mailing list
https://lists.apache.org/thread.html/rec7160382badd3ef4ad017a22f64a266c7188b9ba71394f0d321e2d4%40%3Ccommits.cxf.apache.org%3E	mailing list
https://lists.apache.org/thread.html/rfb87e0bf3995e7d560afeed750fac9329ff5f1ad49da365129b7f89e%40%3Ccommits.cxf.apache.org%3E	mailing list

Frequently Asked Questions

What is the severity of CVE-2011-1096?: CVE-2011-1096 has been scored as a medium severity vulnerability.
How to fix CVE-2011-1096?: To fix CVE-2011-1096, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2011-1096 being actively exploited in the wild?: As for now, there are no information to confirm that CVE-2011-1096 is being actively exploited. According to its EPSS score, there is a ~1% probability that this vulnerability will be exploited by malicious actors in the next 30 days.

This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.

Description

Category

CWE-310 – Cryptographic Issues

References

Frequently Asked Questions