CVE Catalog

CVE-2026-41000

LowCVSS 3.7
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.22%

13th percentile — higher than 13% of all known CVEs

Summary

Wss4jSecurityInterceptor did not consistently wire Apache WSS4J ReplayCache instances into RequestData for validation-time checks. This may lead to ineffective protections against replay of UsernameToken nonces and Timestamp elements.

Risk Assessment

The organization may be vulnerable to replay attacks, potentially leading to unauthorized access to systems.

Recommendation

It is recommended to upgrade to the latest version of Spring Web Services to ensure effective protection against replay attacks.

Original NVD description (English source)

Wss4jSecurityInterceptor did not consistently wire Apache WSS4J ReplayCache instances into RequestData for validation-time checks. As a result, protections against replay of UsernameToken nonces and creation timestamps, Timestamp elements, and certain SAML one-time-use semantics could be ineffective even when operators configured a replay cache on the interceptor. Affected versions: Spring Web Services 5.0.0 through 5.0.1; 4.1.0 through 4.1.3; 4.0.0 through 4.0.18; 3.1.0 through 3.1.8.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS