WSS4J validation does not use configured replay cache_CVE-2026-41000

3.7 / 10

LOW

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N

Description

Wss4jSecurityInterceptor did not consistently wire Apache WSS4J ReplayCache instances into RequestData for validation-time checks. As a result, protections against replay of UsernameToken nonces and creation timestamps, Timestamp elements, and certain SAML one-time-use semantics could be ineffective even when operators configured a replay cache on the interceptor.

Affected versions:
Spring Web Services 5.0.0 through 5.0.1; 4.1.0 through 4.1.3; 4.0.0 through 4.0.18; 3.1.0 through 3.1.8.

Basic Information

ID CVE-2026-41000

Source vmware

Published Jun 11, 2026 at 05:04

Affected Product

Vendor Spring

Product Spring Web Services

Version 5.0.0

Affected Versions Spring Spring Web Services 5.0.0
Spring Spring Web Services 4.1.0
Spring Spring Web Services 4.0.0
Spring Spring Web Services 3.1.0

CWE Classification

CWE-294

References

spring.io /security/cve-2026-41000

{
    "lastseen": "",
    "description": "Wss4jSecurityInterceptor did not consistently wire Apache WSS4J ReplayCache instances into RequestData for validation-time checks. As a result, protections against replay of UsernameToken nonces and creation timestamps, Timestamp elements, and certain SAML one-time-use semantics could be ineffective even when operators configured a replay cache on the interceptor.\n\nAffected versions:\nSpring Web Services 5.0.0 through 5.0.1; 4.1.0 through 4.1.3; 4.0.0 through 4.0.18; 3.1.0 through 3.1.8.",
    "published": "2026-06-11T05:04:24.413Z",
    "modified": "2026-06-11T05:04:24.413Z",
    "type": "cve",
    "title": "WSS4J validation does not use configured replay cache",
    "source": "vmware",
    "references": "https://spring.io/security/cve-2026-41000",
    "id": "CVE-2026-41000",
    "bulletinFamily": "",
    "cwe": [
        "CWE-294"
    ],
    "cvelist": null,
    "sourceData": "Spring Spring Web Services 5.0.0\nSpring Spring Web Services 4.1.0\nSpring Spring Web Services 4.0.0\nSpring Spring Web Services 3.1.0",
    "sourceHref": "",
    "cvss": {
        "score": 3.7,
        "severity": "LOW",
        "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Spring Web Services",
    "version": "5.0.0",
    "vendor": "Spring",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}