CVE-2014-3584: The SamlHeaderInHandler in Apache CXF before 2.6.11, 2.7.x before 2.7.8, and 3.0.x before 3.0.1 allows remote attackers
Summary
CVE-2014-3584 is a denial of service (DoS) vulnerability in Apache CXF, a web services framework. A specially crafted SAML token (an authentication credential) placed in a request's Authorization header can send the SamlHeaderInHandler into an infinite loop, leaving the service unresponsive. The vulnerability affects CXF versions before 2.6.11, 2.7.x before 2.7.8, and 3.0.x before 3.0.1.
Solution / Mitigation
Update Apache CXF to version 2.6.11, 2.7.8, or 3.0.1 or later.
Vulnerability Details
CVSS Score: 5
EPSS (30-day exploit probability): 5.6%
Classification
Attack Sophistication: Moderate
Impact (CIA+S): availability
Taxonomy References
CWE (Weakness Type)
Original source: https://nvd.nist.gov/vuln/detail/CVE-2014-3584
First tracked: February 15, 2026 at 08:43 PM
Classified by LLM (prompt v3) · confidence: 95%