CVE-2011-2329

medium Apache
CVSS v3 Base Score
6.5
AV:N/AC:L/Au:S/C:P/I:P/A:P
EPSS Score
0.7%
Exploitation probability in 30 days
Top 28% most likely to be exploited
Attack Characteristics
Attack Vector
Network
Attack Complexity
Low
Confidentiality
P
Integrity
P
Availability
P
Published: June 2, 2011 (5460 days ago)
Last Modified: April 29, 2026
Vendor: Apache
Source: NVD

Description

The rampart_timestamp_token_validate function in util/rampart_timestamp_token.c in Apache Rampart/C 1.3.0 does not properly calculate the expiration of timestamp tokens, which allows remote attackers to bypass intended access restrictions by leveraging an expired token, a different vulnerability than CVE-2011-0730.

CWE

CWE-264

Affected Products

apache rampart\/c

References

🔗 launchpadlibrarian.net 🔗 www.ubuntu.com 🔗 exchange.xforce.ibmcloud.com 🔗 launchpad.net 🔗 launchpadlibrarian.net