What is CVE-2019-0227?

CVE-2019-0227 is a vulnerability in Apache Axis 1.4. Published 2019-05-01.

Is CVE-2019-0227 known to be exploited?

41 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in Apache Axis 1.4

CVE-2019-0227

A Server Side Request Forgery (SSRF) vulnerability affected the Apache Axis 1.4 distribution that was last released in 2006. Security and bug commits commits continue in the projects Axis 1.x Subversion repository, legacy users are encoura…

EPSS: 0.900 (99.6th percentile) — read the EPSS interpretation.

Affected products

Apache Axis 1.4 — versions Apache Axis 1.4

Public proof-of-concept exploits

ianxtianxt/cve-2019-0227
1475210817/Axis1.4-CVE-2019-0227
0xT11/CVE-POC
1derian/Apache-Axis-Vuln
ARPSyndicate/cve-scores
ARPSyndicate/cvemon
H4cksploit/CVEs-master
J1ezds/Vulnerability-Wiki-page
RhinoSecurityLabs/CVEs
SexyBeast233/SecBooks

References

rhinosecuritylabs.com/application-security/cve-2019-0227-expired-domain-rce-apa…
[announce] 20200131 Apache Software Foundation Security Report: 2019 (mailing-list)
www.oracle.com/security-alerts/cpuapr2020.html
www.oracle.com/security-alerts/cpujul2020.html
www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html
www.oracle.com/security-alerts/cpujan2020.html
www.oracle.com/security-alerts/cpujan2021.html
www.oracle.com/security-alerts/cpuApr2021.html
[axis-java-user] 20210928 [Axis2] Migration Issues (mailing-list)
www.oracle.com/security-alerts/cpuoct2021.html

Frequently asked questions

What is CVE-2019-0227?: CVE-2019-0227 is a vulnerability in Apache Axis 1.4. Published 2019-05-01.
Is CVE-2019-0227 known to be exploited?: 41 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.