Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2024-28752

Severity: 9.3 CRITICAL
EPSS: 55.2% (top 1.94% of all CVEs)
CISA KEV: Not in KEV
Exploit: PoC available (public exploit / PoC exists)
Timeline: Published Mar 15, 2024; latest update May 29

Description

An SSRF vulnerability using the Aegis DataBinding in versions of Apache CXF before 4.0.4, 3.6.3 and 3.5.8 allows an attacker to perform SSRF-style attacks on web services that take at least one parameter of any type. Users of other data bindings (including the default databinding) are not impacted.

In practice, exposure is limited to endpoints explicitly configured with org.apache.cxf.aegis.databinding.AegisDatabinding (for example via ServerFactoryBean.setDataBinding or a jaxws:dataBinding element in Spring configuration). CXF's default databinding is JAXB, so a service that never switched to Aegis is not affected even when it runs an unfixed version.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N
Exploitability: 2.8 | Impact: 5.8

Affected Packages (3)

NVD: apache/cxf, 3.6.0 up to (excluding) 3.6.3, plus 2 more ranges
CVEList V5: apache_software_foundation/apache_cxf, < 4.0.4, 3.6.3, 3.5.8

Also affects: Ontap Tools 10
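The fixed releases above (3.5.8, 3.6.3, 4.0.4) plus the "Aegis only" condition from the description are what an engineer actually has to check across a fleet. The following is an added example (not code from cvebase.io, Apache CXF or any vendor) of a triage helper that encodes those ranges and scans mvn dependency:tree output for both conditions. Assumptions: the Maven coordinates org.apache.cxf:cxf-core and org.apache.cxf:cxf-rt-databinding-aegis are the upstream artifact ids; the sample tree is constructed for the example; and treating every release older than 3.5 as unfixed is this example's reading of "before 3.5.8".

```python
"""CVE-2024-28752 triage helper (added example, not cvebase.io's code).

A deployment is exposed only if BOTH hold:
  1. the Apache CXF version is older than its line's fixed release
     (< 3.5.8 on 3.5.x, < 3.6.3 on 3.6.x, < 4.0.4 on 4.0.x; releases
     older than 3.5 are treated as unfixed, this example's assumption), and
  2. the Aegis databinding artifact is on the classpath
     (org.apache.cxf:cxf-rt-databinding-aegis, assumed artifact id).
"""
import re

# Fixed release per maintained line, from the advisory text.
FIXED = {(3, 5): (3, 5, 8), (3, 6): (3, 6, 3), (4, 0): (4, 0, 4)}
OLDEST_FIXED_LINE = (3, 5)

# Matches "org.apache.cxf:<artifact>:jar:<version>" in dependency:tree lines.
DEP_RE = re.compile(r"org\.apache\.cxf:([\w.-]+):jar:([\w.+-]+)")
AEGIS_ARTIFACT = "cxf-rt-databinding-aegis"   # assumed Maven artifact id


def parse_version(v: str) -> tuple:
    """'3.6.2', '3.6.2.redhat-00001', '4.0.4-SNAPSHOT' -> (3, 6, 2) etc."""
    m = re.match(r"(\d+)\.(\d+)(?:\.(\d+))?", v.strip())
    if not m:
        raise ValueError(f"unparseable CXF version: {v!r}")
    return tuple(int(x) if x is not None else 0 for x in m.groups())


def is_vulnerable_version(v: str) -> bool:
    """True when the version predates the fix for its line."""
    ver = parse_version(v)
    line = ver[:2]
    if line in FIXED:
        return ver < FIXED[line]
    # No fix release exists for older lines: anything before 3.5 is unfixed.
    # Lines newer than 4.0 post-date the fix.
    return line < OLDEST_FIXED_LINE


def triage(dependency_tree: str) -> dict:
    """Scan `mvn dependency:tree` style text for both exposure conditions."""
    cxf_versions, aegis_present = set(), False
    for artifact, version in DEP_RE.findall(dependency_tree):
        if artifact == AEGIS_ARTIFACT:
            aegis_present = True
        cxf_versions.add(version)
    vulnerable = sorted(v for v in cxf_versions if is_vulnerable_version(v))
    return {
        "aegis_on_classpath": aegis_present,
        "vulnerable_versions": vulnerable,
        "exposed": aegis_present and bool(vulnerable),
    }


# Constructed sample output in the shape of `mvn dependency:tree`.
SAMPLE_TREE = """\
[INFO] com.example:orders-ws:war:1.0
[INFO] +- org.apache.cxf:cxf-rt-frontend-jaxws:jar:3.6.2:compile
[INFO] |  +- org.apache.cxf:cxf-core:jar:3.6.2:compile
[INFO] |  \\- org.apache.cxf:cxf-rt-databinding-jaxb:jar:3.6.2:compile
[INFO] \\- org.apache.cxf:cxf-rt-databinding-aegis:jar:3.6.2:compile
"""

if __name__ == "__main__":
    print(triage(SAMPLE_TREE))
```

A positive result means "could be exposed", not "is exploitable": the Aegis jar on the classpath does not prove an endpoint uses it, so confirm by checking the service's dataBinding configuration (an AegisDatabinding set on the factory bean or in the jaxws:dataBinding element). Conversely, a clean classpath result on a vulnerable version is still worth patching, since the fix is a plain CXF upgrade within the same line.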

🔴 Vulnerability Details (3)

CVEList: Apache CXF SSRF Vulnerability using the Aegis databinding (2024-03-15)
OSV: SSRF vulnerability using the Aegis DataBinding in Apache CXF (2024-03-15)
GHSA: SSRF vulnerability using the Aegis DataBinding in Apache CXF (2024-03-15)

💥 Exploits & PoCs (1)

Nuclei: Apache CXF < 4.0.4 - Aegis DataBinding SSRF / Local File Read

🔍 Detection Rules (1)

Suricata: ET WEB_SPECIFIC_APPS Apache CXF Aegis DataBinding Server-Side Request Forgery (CVE-2024-28752) (2025-05-29)

📋 Vendor Advisories (3)

Oracle: Oracle Fusion Middleware Risk Matrix: Fusion Apps (Apache CXF) — CVE-2024-28752 (2024-10-15)
Oracle: Oracle Commerce Risk Matrix: Endeca Integration (Apache CXF) — CVE-2024-28752 (2024-07-15)
Red Hat: cxf-core: Apache CXF SSRF Vulnerability using the Aegis databinding (2024-03-14)
CVE-2024-28752 (CRITICAL, CVSS 9.3) | cvebase.io