Search criteria
45 vulnerabilities
CVE-2025-9312 (GCVE-0-2025-9312)
Vulnerability from cvelistv5 – Published: 2025-11-18 12:05 – Updated: 2025-11-18 17:38
VLAI?
Summary
A missing authentication enforcement vulnerability exists in the mutual TLS (mTLS) implementation used by System REST APIs and SOAP services in multiple WSO2 products. Due to improper validation of client certificate–based authentication in certain default configurations, the affected components may permit unauthenticated requests even when mTLS is enabled. This condition occurs when relying on the default mTLS settings for System REST APIs or when the mTLS authenticator is enabled for SOAP services, causing these interfaces to accept requests without enforcing additional authentication.
Successful exploitation allows a malicious actor with network access to the affected endpoints to gain administrative privileges and perform unauthorized operations. The vulnerability is exploitable only when the impacted mTLS flows are enabled and accessible in a given deployment. Other certificate-based authentication mechanisms such as Mutual TLS OAuth client authentication and X.509 login flows are not affected, and APIs served through the API Gateway of WSO2 API Manager remain unaffected.
Severity ?
9.8 (Critical)
CWE
- CWE-306 - Missing Authentication for Critical Function
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| WSO2 | WSO2 API Manager |
Unknown:
0 , < 2.2.0
(custom)
Affected: 2.2.0 , < 2.2.0.58 (custom) Affected: 2.5.0 , < 2.5.0.84 (custom) Affected: 2.6.0 , < 2.6.0.145 (custom) Affected: 3.0.0 , < 3.0.0.175 (custom) Affected: 3.1.0 , < 3.1.0.339 (custom) Affected: 3.2.0 , < 3.2.0.439 (custom) Affected: 3.2.1 , < 3.2.1.59 (custom) Affected: 4.0.0 , < 4.0.0.359 (custom) Affected: 4.1.0 , < 4.1.0.222 (custom) Affected: 4.2.0 , < 4.2.0.161 (custom) Affected: 4.3.0 , < 4.3.0.73 (custom) Affected: 4.4.0 , < 4.4.0.37 (custom) Affected: 4.5.0 , < 4.5.0.21 (custom) |
|||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-9312",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-18T17:23:36.208499Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-11-18T17:38:15.686Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "WSO2 API Manager",
"vendor": "WSO2",
"versions": [
{
"lessThan": "2.2.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "2.2.0.58",
"status": "affected",
"version": "2.2.0",
"versionType": "custom"
},
{
"lessThan": "2.5.0.84",
"status": "affected",
"version": "2.5.0",
"versionType": "custom"
},
{
"lessThan": "2.6.0.145",
"status": "affected",
"version": "2.6.0",
"versionType": "custom"
},
{
"lessThan": "3.0.0.175",
"status": "affected",
"version": "3.0.0",
"versionType": "custom"
},
{
"lessThan": "3.1.0.339",
"status": "affected",
"version": "3.1.0",
"versionType": "custom"
},
{
"lessThan": "3.2.0.439",
"status": "affected",
"version": "3.2.0",
"versionType": "custom"
},
{
"lessThan": "3.2.1.59",
"status": "affected",
"version": "3.2.1",
"versionType": "custom"
},
{
"lessThan": "4.0.0.359",
"status": "affected",
"version": "4.0.0",
"versionType": "custom"
},
{
"lessThan": "4.1.0.222",
"status": "affected",
"version": "4.1.0",
"versionType": "custom"
},
{
"lessThan": "4.2.0.161",
"status": "affected",
"version": "4.2.0",
"versionType": "custom"
},
{
"lessThan": "4.3.0.73",
"status": "affected",
"version": "4.3.0",
"versionType": "custom"
},
{
"lessThan": "4.4.0.37",
"status": "affected",
"version": "4.4.0",
"versionType": "custom"
},
{
"lessThan": "4.5.0.21",
"status": "affected",
"version": "4.5.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 API Control Plane",
"vendor": "WSO2",
"versions": [
{
"lessThan": "4.5.0.22",
"status": "affected",
"version": "4.5.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Traffic Manager",
"vendor": "WSO2",
"versions": [
{
"lessThan": "4.5.0.20",
"status": "affected",
"version": "4.5.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Universal Gateway",
"vendor": "WSO2",
"versions": [
{
"lessThan": "4.5.0.20",
"status": "affected",
"version": "4.5.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Identity Server as Key Manager",
"vendor": "WSO2",
"versions": [
{
"lessThan": "5.3.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "5.3.0.39",
"status": "affected",
"version": "5.3.0",
"versionType": "custom"
},
{
"lessThan": "5.5.0.52",
"status": "affected",
"version": "5.5.0",
"versionType": "custom"
},
{
"lessThan": "5.6.0.74",
"status": "affected",
"version": "5.6.0",
"versionType": "custom"
},
{
"lessThan": "5.7.0.124",
"status": "affected",
"version": "5.7.0",
"versionType": "custom"
},
{
"lessThan": "5.9.0.175",
"status": "affected",
"version": "5.9.0",
"versionType": "custom"
},
{
"lessThan": "5.10.0.358",
"status": "affected",
"version": "5.10.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Identity Server",
"vendor": "WSO2",
"versions": [
{
"lessThan": "5.2.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "5.2.0.33",
"status": "affected",
"version": "5.2.0",
"versionType": "custom"
},
{
"lessThan": "5.3.0.34",
"status": "affected",
"version": "5.3.0",
"versionType": "custom"
},
{
"lessThan": "5.4.0.33",
"status": "affected",
"version": "5.4.0",
"versionType": "custom"
},
{
"lessThan": "5.4.1.37",
"status": "affected",
"version": "5.4.1",
"versionType": "custom"
},
{
"lessThan": "5.5.0.51",
"status": "affected",
"version": "5.5.0",
"versionType": "custom"
},
{
"lessThan": "5.6.0.59",
"status": "affected",
"version": "5.6.0",
"versionType": "custom"
},
{
"lessThan": "5.7.0.125",
"status": "affected",
"version": "5.7.0",
"versionType": "custom"
},
{
"lessThan": "5.8.0.109",
"status": "affected",
"version": "5.8.0",
"versionType": "custom"
},
{
"lessThan": "5.9.0.168",
"status": "affected",
"version": "5.9.0",
"versionType": "custom"
},
{
"lessThan": "5.10.0.368",
"status": "affected",
"version": "5.10.0",
"versionType": "custom"
},
{
"lessThan": "5.11.0.411",
"status": "affected",
"version": "5.11.0",
"versionType": "custom"
},
{
"lessThan": "6.0.0.243",
"status": "affected",
"version": "6.0.0",
"versionType": "custom"
},
{
"lessThan": "6.1.0.241",
"status": "affected",
"version": "6.1.0",
"versionType": "custom"
},
{
"lessThan": "7.0.0.116",
"status": "affected",
"version": "7.0.0",
"versionType": "custom"
},
{
"lessThan": "7.1.0.23",
"status": "affected",
"version": "7.1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Open Banking KM",
"vendor": "WSO2",
"versions": [
{
"lessThan": "1.4.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "1.4.0.132",
"status": "affected",
"version": "1.4.0",
"versionType": "custom"
},
{
"lessThan": "1.5.0.122",
"status": "affected",
"version": "1.5.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Open Banking AM",
"vendor": "WSO2",
"versions": [
{
"lessThan": "1.4.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "1.4.0.138",
"status": "affected",
"version": "1.4.0",
"versionType": "custom"
},
{
"lessThan": "1.5.0.139",
"status": "affected",
"version": "1.5.0",
"versionType": "custom"
},
{
"lessThan": "2.0.0.388",
"status": "affected",
"version": "2.0.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Open Banking IAM",
"vendor": "WSO2",
"versions": [
{
"lessThan": "2.0.0.408",
"status": "affected",
"version": "2.0.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"packageName": "org.wso2.carbon.identity.auth.service",
"product": "org.wso2.carbon.identity.auth.service",
"vendor": "WSO2",
"versions": [
{
"lessThan": "1.1.1.2",
"status": "affected",
"version": "1.1.1",
"versionType": "custom"
},
{
"lessThan": "1.1.16.3",
"status": "affected",
"version": "1.1.16",
"versionType": "custom"
},
{
"lessThan": "1.1.18.4",
"status": "affected",
"version": "1.1.18",
"versionType": "custom"
},
{
"lessThan": "1.1.20.5",
"status": "affected",
"version": "1.1.20",
"versionType": "custom"
},
{
"lessThan": "1.1.26.7",
"status": "affected",
"version": "1.1.26",
"versionType": "custom"
},
{
"lessThan": "1.3.6.8",
"status": "affected",
"version": "1.3.6",
"versionType": "custom"
},
{
"lessThan": "1.4.0.18",
"status": "affected",
"version": "1.4.0",
"versionType": "custom"
},
{
"lessThan": "1.4.25.24",
"status": "affected",
"version": "1.4.25",
"versionType": "custom"
},
{
"lessThan": "1.4.52.4",
"status": "affected",
"version": "1.4.52",
"versionType": "custom"
},
{
"lessThan": "1.6.1.11",
"status": "affected",
"version": "1.6.1",
"versionType": "custom"
},
{
"lessThan": "1.7.1.4",
"status": "affected",
"version": "1.7.1",
"versionType": "custom"
},
{
"lessThan": "1.8.11.6",
"status": "affected",
"version": "1.8.11",
"versionType": "custom"
},
{
"lessThan": "1.8.41.2",
"status": "affected",
"version": "1.8.41",
"versionType": "custom"
},
{
"lessThan": "1.9.4.4",
"status": "affected",
"version": "1.9.4",
"versionType": "custom"
},
{
"lessThan": "1.9.18.2",
"status": "affected",
"version": "1.9.18",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.5.2.*",
"status": "unaffected",
"version": "5.5.2",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.2.0.58",
"versionStartIncluding": "2.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.5.0.84",
"versionStartIncluding": "2.5.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.6.0.145",
"versionStartIncluding": "2.6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.0.0.175",
"versionStartIncluding": "3.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.1.0.339",
"versionStartIncluding": "3.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.2.0.439",
"versionStartIncluding": "3.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.2.1.59",
"versionStartIncluding": "3.2.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.0.0.359",
"versionStartIncluding": "4.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.1.0.222",
"versionStartIncluding": "4.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.2.0.161",
"versionStartIncluding": "4.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.3.0.73",
"versionStartIncluding": "4.3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.4.0.37",
"versionStartIncluding": "4.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.5.0.21",
"versionStartIncluding": "4.5.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:wso2_api_control_plane:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.5.0.22",
"versionStartIncluding": "4.5.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:wso2_traffic_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.5.0.20",
"versionStartIncluding": "4.5.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:wso2_universal_gateway:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.5.0.20",
"versionStartIncluding": "4.5.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:wso2_identity_server_as_key_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.3.0.39",
"versionStartIncluding": "5.3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_identity_server_as_key_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.5.0.52",
"versionStartIncluding": "5.5.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_identity_server_as_key_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.6.0.74",
"versionStartIncluding": "5.6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_identity_server_as_key_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.7.0.124",
"versionStartIncluding": "5.7.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_identity_server_as_key_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.9.0.175",
"versionStartIncluding": "5.9.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_identity_server_as_key_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.10.0.358",
"versionStartIncluding": "5.10.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:wso2_identity_server:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.2.0.33",
"versionStartIncluding": "5.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_identity_server:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.3.0.34",
"versionStartIncluding": "5.3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_identity_server:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.4.0.33",
"versionStartIncluding": "5.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_identity_server:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.4.1.37",
"versionStartIncluding": "5.4.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_identity_server:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.5.0.51",
"versionStartIncluding": "5.5.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_identity_server:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.6.0.59",
"versionStartIncluding": "5.6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_identity_server:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.7.0.125",
"versionStartIncluding": "5.7.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_identity_server:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.8.0.109",
"versionStartIncluding": "5.8.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_identity_server:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.9.0.168",
"versionStartIncluding": "5.9.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_identity_server:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.10.0.368",
"versionStartIncluding": "5.10.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_identity_server:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.11.0.411",
"versionStartIncluding": "5.11.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_identity_server:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.0.0.243",
"versionStartIncluding": "6.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_identity_server:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.1.0.241",
"versionStartIncluding": "6.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_identity_server:*:*:*:*:*:*:*:*",
"versionEndExcluding": "7.0.0.116",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_identity_server:*:*:*:*:*:*:*:*",
"versionEndExcluding": "7.1.0.23",
"versionStartIncluding": "7.1.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:wso2_open_banking_km:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.4.0.132",
"versionStartIncluding": "1.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_open_banking_km:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.5.0.122",
"versionStartIncluding": "1.5.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:wso2_open_banking_am:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.4.0.138",
"versionStartIncluding": "1.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_open_banking_am:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.5.0.139",
"versionStartIncluding": "1.5.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_open_banking_am:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.0.0.388",
"versionStartIncluding": "2.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:wso2_open_banking_iam:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.0.0.408",
"versionStartIncluding": "2.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.identity.auth.service:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.1.1.2",
"versionStartIncluding": "1.1.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.identity.auth.service:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.1.16.3",
"versionStartIncluding": "1.1.16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.identity.auth.service:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.1.18.4",
"versionStartIncluding": "1.1.18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.identity.auth.service:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.1.20.5",
"versionStartIncluding": "1.1.20",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.identity.auth.service:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.1.26.7",
"versionStartIncluding": "1.1.26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.identity.auth.service:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.3.6.8",
"versionStartIncluding": "1.3.6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.identity.auth.service:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.4.0.18",
"versionStartIncluding": "1.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.identity.auth.service:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.4.25.24",
"versionStartIncluding": "1.4.25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.identity.auth.service:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.4.52.4",
"versionStartIncluding": "1.4.52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.identity.auth.service:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.6.1.11",
"versionStartIncluding": "1.6.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.identity.auth.service:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.7.1.4",
"versionStartIncluding": "1.7.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.identity.auth.service:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.8.11.6",
"versionStartIncluding": "1.8.11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.identity.auth.service:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.8.41.2",
"versionStartIncluding": "1.8.41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.identity.auth.service:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.9.4.4",
"versionStartIncluding": "1.9.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.identity.auth.service:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.9.18.2",
"versionStartIncluding": "1.9.18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.identity.auth.service:*:*:*:*:*:*:*:*",
"versionEndIncluding": "5.5.2.*",
"versionStartIncluding": "5.5.2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A missing authentication enforcement vulnerability exists in the mutual TLS (mTLS) implementation used by System REST APIs and SOAP services in multiple WSO2 products. Due to improper validation of client certificate\u2013based authentication in certain default configurations, the affected components may permit unauthenticated requests even when mTLS is enabled. This condition occurs when relying on the default mTLS settings for System REST APIs or when the mTLS authenticator is enabled for SOAP services, causing these interfaces to accept requests without enforcing additional authentication.\u003cbr\u003e\u003cbr\u003eSuccessful exploitation allows a malicious actor with network access to the affected endpoints to gain administrative privileges and perform unauthorized operations. The vulnerability is exploitable only when the impacted mTLS flows are enabled and accessible in a given deployment. Other certificate-based authentication mechanisms such as Mutual TLS OAuth client authentication and X.509 login flows are not affected, and APIs served through the API Gateway of WSO2 API Manager remain unaffected."
}
],
"value": "A missing authentication enforcement vulnerability exists in the mutual TLS (mTLS) implementation used by System REST APIs and SOAP services in multiple WSO2 products. Due to improper validation of client certificate\u2013based authentication in certain default configurations, the affected components may permit unauthenticated requests even when mTLS is enabled. This condition occurs when relying on the default mTLS settings for System REST APIs or when the mTLS authenticator is enabled for SOAP services, causing these interfaces to accept requests without enforcing additional authentication.\n\nSuccessful exploitation allows a malicious actor with network access to the affected endpoints to gain administrative privileges and perform unauthorized operations. The vulnerability is exploitable only when the impacted mTLS flows are enabled and accessible in a given deployment. Other certificate-based authentication mechanisms such as Mutual TLS OAuth client authentication and X.509 login flows are not affected, and APIs served through the API Gateway of WSO2 API Manager remain unaffected."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-306",
"description": "CWE-306 Missing Authentication for Critical Function",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-18T12:49:08.200Z",
"orgId": "ed10eef1-636d-4fbe-9993-6890dfa878f8",
"shortName": "WSO2"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-4494/"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: transparent;\"\u003eFollow the instructions given on \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-4494/#solution\"\u003e\u003cspan style=\"background-color: transparent;\"\u003ehttps://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-4494/#solution\u003c/span\u003e\u003c/a\u003e \u003cbr\u003e"
}
],
"value": "Follow the instructions given on https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-4494/#solution"
}
],
"source": {
"advisory": "WSO2-2025-4494",
"discovery": "INTERNAL"
},
"title": "Improper Certificate-Based Authentication Enforcement in Multiple WSO2 Products",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "ed10eef1-636d-4fbe-9993-6890dfa878f8",
"assignerShortName": "WSO2",
"cveId": "CVE-2025-9312",
"datePublished": "2025-11-18T12:05:22.207Z",
"dateReserved": "2025-08-21T07:28:14.505Z",
"dateUpdated": "2025-11-18T17:38:15.686Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-6670 (GCVE-0-2025-6670)
Vulnerability from cvelistv5 – Published: 2025-11-18 11:28 – Updated: 2025-11-18 19:12
VLAI?
Summary
A Cross-Site Request Forgery (CSRF) vulnerability exists in multiple WSO2 products due to the use of the HTTP GET method for state-changing operations within admin services, specifically in the event processor of the Carbon console. Although the SameSite=Lax cookie attribute is used as a mitigation, it is ineffective in this context because it allows cookies to be sent with cross-origin top-level navigations using GET requests.
A malicious actor can exploit this vulnerability by tricking an authenticated user into visiting a crafted link, leading the browser to issue unintended state-changing requests. Successful exploitation could result in unauthorized operations such as data modification, account changes, or other administrative actions. According to WSO2 Secure Production Guidelines, exposure of Carbon console services to untrusted networks is discouraged, which may reduce the impact in properly secured deployments.
Severity ?
8.8 (High)
CWE
- CWE-352 - Cross-Site Request Forgery (CSRF)
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| WSO2 | WSO2 Open Banking AM |
Unknown:
0 , < 2.0.0
(custom)
Unaffected: 2.0.0 , < 2.0.0.398 (custom) |
|||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||
Credits
Noël MACCARY
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-6670",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-18T19:10:34.187077Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-11-18T19:12:59.786Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "WSO2 Open Banking AM",
"vendor": "WSO2",
"versions": [
{
"lessThan": "2.0.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "2.0.0.398",
"status": "unaffected",
"version": "2.0.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Open Banking IAM",
"vendor": "WSO2",
"versions": [
{
"lessThan": "2.0.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "2.0.0.418",
"status": "unaffected",
"version": "2.0.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Traffic Manager",
"vendor": "WSO2",
"versions": [
{
"lessThan": "4.5.0.34",
"status": "affected",
"version": "4.5.0",
"versionType": "custom"
},
{
"lessThan": "4.6.0.1",
"status": "affected",
"version": "4.6.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Universal Gateway",
"vendor": "WSO2",
"versions": [
{
"lessThan": "4.5.0.34",
"status": "affected",
"version": "4.5.0",
"versionType": "custom"
},
{
"lessThan": "4.6.0.1",
"status": "affected",
"version": "4.6.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 API Control Plane",
"vendor": "WSO2",
"versions": [
{
"lessThan": "4.5.0.36",
"status": "affected",
"version": "4.5.0",
"versionType": "custom"
},
{
"lessThan": "4.6.0.1",
"status": "affected",
"version": "4.6.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 API Manager",
"vendor": "WSO2",
"versions": [
{
"lessThan": "3.1.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "3.1.0.349",
"status": "affected",
"version": "3.1.0",
"versionType": "custom"
},
{
"lessThan": "3.2.0.453",
"status": "affected",
"version": "3.2.0",
"versionType": "custom"
},
{
"lessThan": "3.2.1.73",
"status": "affected",
"version": "3.2.1",
"versionType": "custom"
},
{
"lessThan": "4.0.0.373",
"status": "affected",
"version": "4.0.0",
"versionType": "custom"
},
{
"lessThan": "4.1.0.236",
"status": "affected",
"version": "4.1.0",
"versionType": "custom"
},
{
"lessThan": "4.2.0.176",
"status": "affected",
"version": "4.2.0",
"versionType": "custom"
},
{
"lessThan": "4.3.0.88",
"status": "affected",
"version": "4.3.0",
"versionType": "custom"
},
{
"lessThan": "4.4.0.52",
"status": "affected",
"version": "4.4.0",
"versionType": "custom"
},
{
"lessThan": "4.5.0.35",
"status": "affected",
"version": "4.5.0",
"versionType": "custom"
},
{
"lessThan": "4.6.0.1",
"status": "affected",
"version": "4.6.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Identity Server",
"vendor": "WSO2",
"versions": [
{
"lessThan": "5.10.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "5.10.0.378",
"status": "affected",
"version": "5.10.0",
"versionType": "custom"
},
{
"lessThan": "5.11.0.425",
"status": "affected",
"version": "5.11.0",
"versionType": "custom"
},
{
"lessThan": "6.0.0.252",
"status": "affected",
"version": "6.0.0",
"versionType": "custom"
},
{
"lessThan": "6.1.0.253",
"status": "affected",
"version": "6.1.0",
"versionType": "custom"
},
{
"lessThan": "7.0.0.130",
"status": "affected",
"version": "7.0.0",
"versionType": "custom"
},
{
"lessThan": "7.1.0.38",
"status": "affected",
"version": "7.1.0",
"versionType": "custom"
},
{
"lessThan": "7.2.0.1",
"status": "affected",
"version": "7.2.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Identity Server as Key Manager",
"vendor": "WSO2",
"versions": [
{
"lessThan": "5.10.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "5.10.0.369",
"status": "affected",
"version": "5.10.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Enterprise Integrator",
"vendor": "WSO2",
"versions": [
{
"lessThan": "6.6.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "6.6.0.226",
"status": "affected",
"version": "6.6.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"packageName": "org.wso2.carbon:org.wso2.carbon.ui",
"product": "org.wso2.carbon:org.wso2.carbon.ui",
"vendor": "WSO2",
"versions": [
{
"lessThan": "4.5.3.50",
"status": "affected",
"version": "4.5.3",
"versionType": "custom"
},
{
"lessThan": "4.6.0.2253",
"status": "affected",
"version": "4.6.0",
"versionType": "custom"
},
{
"lessThan": "4.6.1.157",
"status": "affected",
"version": "4.6.1",
"versionType": "custom"
},
{
"lessThan": "4.6.2.673",
"status": "affected",
"version": "4.6.2",
"versionType": "custom"
},
{
"lessThan": "4.6.3.41",
"status": "affected",
"version": "4.6.3",
"versionType": "custom"
},
{
"lessThan": "4.6.4.22",
"status": "affected",
"version": "4.6.4",
"versionType": "custom"
},
{
"lessThan": "4.7.1.73",
"status": "affected",
"version": "4.7.1",
"versionType": "custom"
},
{
"lessThan": "4.8.1.43",
"status": "affected",
"version": "4.8.1",
"versionType": "custom"
},
{
"lessThan": "4.9.0.106",
"status": "affected",
"version": "4.9.0",
"versionType": "custom"
},
{
"lessThan": "4.9.26.31",
"status": "affected",
"version": "4.9.26",
"versionType": "custom"
},
{
"lessThan": "4.9.27.16",
"status": "affected",
"version": "4.9.27",
"versionType": "custom"
},
{
"lessThan": "4.9.28.18",
"status": "affected",
"version": "4.9.28",
"versionType": "custom"
},
{
"lessThan": "4.9.33.2",
"status": "affected",
"version": "4.9.33",
"versionType": "custom"
},
{
"lessThan": "4.10.9.75",
"status": "affected",
"version": "4.10.9",
"versionType": "custom"
},
{
"lessThan": "4.10.42.18",
"status": "affected",
"version": "4.10.42",
"versionType": "custom"
},
{
"lessThan": "4.10.101.3",
"status": "affected",
"version": "4.10.101",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.9.29.*",
"status": "unaffected",
"version": "4.9.29",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.10.*",
"status": "unaffected",
"version": "4.10.65",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:wso2_open_banking_am:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.0.0.398",
"versionStartIncluding": "2.0.0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:wso2_open_banking_iam:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.0.0.418",
"versionStartIncluding": "2.0.0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:wso2_traffic_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.5.0.34",
"versionStartIncluding": "4.5.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_traffic_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.6.0.1",
"versionStartIncluding": "4.6.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:wso2_universal_gateway:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.5.0.34",
"versionStartIncluding": "4.5.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_universal_gateway:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.6.0.1",
"versionStartIncluding": "4.6.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:wso2_api_control_plane:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.5.0.36",
"versionStartIncluding": "4.5.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_api_control_plane:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.6.0.1",
"versionStartIncluding": "4.6.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.1.0.349",
"versionStartIncluding": "3.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.2.0.453",
"versionStartIncluding": "3.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.2.1.73",
"versionStartIncluding": "3.2.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.0.0.373",
"versionStartIncluding": "4.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.1.0.236",
"versionStartIncluding": "4.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.2.0.176",
"versionStartIncluding": "4.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.3.0.88",
"versionStartIncluding": "4.3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.4.0.52",
"versionStartIncluding": "4.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.5.0.35",
"versionStartIncluding": "4.5.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.6.0.1",
"versionStartIncluding": "4.6.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:wso2_identity_server:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.10.0.378",
"versionStartIncluding": "5.10.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_identity_server:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.11.0.425",
"versionStartIncluding": "5.11.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_identity_server:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.0.0.252",
"versionStartIncluding": "6.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_identity_server:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.1.0.253",
"versionStartIncluding": "6.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_identity_server:*:*:*:*:*:*:*:*",
"versionEndExcluding": "7.0.0.130",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_identity_server:*:*:*:*:*:*:*:*",
"versionEndExcluding": "7.1.0.38",
"versionStartIncluding": "7.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_identity_server:*:*:*:*:*:*:*:*",
"versionEndExcluding": "7.2.0.1",
"versionStartIncluding": "7.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:wso2_identity_server_as_key_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.10.0.369",
"versionStartIncluding": "5.10.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:wso2_enterprise_integrator:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.6.0.226",
"versionStartIncluding": "6.6.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.ui:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.5.3.50",
"versionStartIncluding": "4.5.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.ui:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.6.0.2253",
"versionStartIncluding": "4.6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.ui:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.6.1.157",
"versionStartIncluding": "4.6.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.ui:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.6.2.673",
"versionStartIncluding": "4.6.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.ui:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.6.3.41",
"versionStartIncluding": "4.6.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.ui:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.6.4.22",
"versionStartIncluding": "4.6.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.ui:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.7.1.73",
"versionStartIncluding": "4.7.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.ui:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.8.1.43",
"versionStartIncluding": "4.8.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.ui:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.9.0.106",
"versionStartIncluding": "4.9.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.ui:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.9.26.31",
"versionStartIncluding": "4.9.26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.ui:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.9.27.16",
"versionStartIncluding": "4.9.27",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.ui:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.9.28.18",
"versionStartIncluding": "4.9.28",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.ui:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.9.33.2",
"versionStartIncluding": "4.9.33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.ui:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.10.9.75",
"versionStartIncluding": "4.10.9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.ui:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.10.42.18",
"versionStartIncluding": "4.10.42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.ui:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.10.101.3",
"versionStartIncluding": "4.10.101",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.ui:*:*:*:*:*:*:*:*",
"versionEndIncluding": "4.9.29.*",
"versionStartIncluding": "4.9.29",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.ui:*:*:*:*:*:*:*:*",
"versionEndIncluding": "4.10.*",
"versionStartIncluding": "4.10.65",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "No\u00ebl MACCARY"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A Cross-Site Request Forgery (CSRF) vulnerability exists in multiple WSO2 products due to the use of the HTTP GET method for state-changing operations within admin services, specifically in the event processor of the Carbon console. Although the SameSite=Lax cookie attribute is used as a mitigation, it is ineffective in this context because it allows cookies to be sent with cross-origin top-level navigations using GET requests.\u003cbr\u003e\u003cbr\u003eA malicious actor can exploit this vulnerability by tricking an authenticated user into visiting a crafted link, leading the browser to issue unintended state-changing requests. Successful exploitation could result in unauthorized operations such as data modification, account changes, or other administrative actions. According to WSO2 Secure Production Guidelines, exposure of Carbon console services to untrusted networks is discouraged, which may reduce the impact in properly secured deployments."
}
],
"value": "A Cross-Site Request Forgery (CSRF) vulnerability exists in multiple WSO2 products due to the use of the HTTP GET method for state-changing operations within admin services, specifically in the event processor of the Carbon console. Although the SameSite=Lax cookie attribute is used as a mitigation, it is ineffective in this context because it allows cookies to be sent with cross-origin top-level navigations using GET requests.\n\nA malicious actor can exploit this vulnerability by tricking an authenticated user into visiting a crafted link, leading the browser to issue unintended state-changing requests. Successful exploitation could result in unauthorized operations such as data modification, account changes, or other administrative actions. According to WSO2 Secure Production Guidelines, exposure of Carbon console services to untrusted networks is discouraged, which may reduce the impact in properly secured deployments."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-352",
"description": "CWE-352 Cross-Site Request Forgery (CSRF)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-18T11:28:37.410Z",
"orgId": "ed10eef1-636d-4fbe-9993-6890dfa878f8",
"shortName": "WSO2"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-4117/"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: transparent;\"\u003eFollow the instructions given on \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-4117/#solution\"\u003e\u003cspan style=\"background-color: transparent;\"\u003ehttps://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-4117/#solution\u003c/span\u003e\u003c/a\u003e \u003cbr\u003e"
}
],
"value": "Follow the instructions given on https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-4117/#solution"
}
],
"source": {
"advisory": "WSO2-2025-4117",
"discovery": "EXTERNAL"
},
"title": "Cross-Site Request Forgery (CSRF) in Multiple WSO2 Products via HTTP GET in Admin Services",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "ed10eef1-636d-4fbe-9993-6890dfa878f8",
"assignerShortName": "WSO2",
"cveId": "CVE-2025-6670",
"datePublished": "2025-11-18T11:28:37.410Z",
"dateReserved": "2025-06-25T15:24:36.239Z",
"dateUpdated": "2025-11-18T19:12:59.786Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-10853 (GCVE-0-2025-10853)
Vulnerability from cvelistv5 – Published: 2025-11-05 19:21 – Updated: 2025-11-05 19:58
VLAI?
Summary
A reflected cross-site scripting (XSS) vulnerability exists in the management console of multiple WSO2 products due to improper output encoding. By tampering with specific parameters, a malicious actor can inject arbitrary JavaScript into the response, leading to reflected XSS.
Successful exploitation could result in UI manipulation, redirection to malicious websites, or data theft from the browser. However, session-related sensitive cookies are protected with the httpOnly flag, which mitigates the risk of session hijacking.
Severity ?
5.2 (Medium)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| WSO2 | WSO2 Open Banking IAM |
Unknown:
0 , < 2.0.0
(custom)
Affected: 2.0.0 , < 2.0.0.413 (custom) |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Credits
crnković
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-10853",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-05T19:51:26.535789Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-11-05T19:58:21.875Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "WSO2 Open Banking IAM",
"vendor": "WSO2",
"versions": [
{
"lessThan": "2.0.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "2.0.0.413",
"status": "affected",
"version": "2.0.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 API Manager",
"vendor": "WSO2",
"versions": [
{
"lessThan": "3.1.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "3.1.0.344",
"status": "affected",
"version": "3.1.0",
"versionType": "custom"
},
{
"lessThan": "3.2.0.445",
"status": "affected",
"version": "3.2.0",
"versionType": "custom"
},
{
"lessThan": "3.2.1.65",
"status": "affected",
"version": "3.2.1",
"versionType": "custom"
},
{
"lessThan": "4.0.0.365",
"status": "affected",
"version": "4.0.0",
"versionType": "custom"
},
{
"lessThan": "4.1.0.227",
"status": "affected",
"version": "4.1.0",
"versionType": "custom"
},
{
"lessThan": "4.2.0.167",
"status": "affected",
"version": "4.2.0",
"versionType": "custom"
},
{
"lessThan": "4.3.0.79",
"status": "affected",
"version": "4.3.0",
"versionType": "custom"
},
{
"lessThan": "4.4.0.43",
"status": "affected",
"version": "4.4.0",
"versionType": "custom"
},
{
"lessThan": "4.5.0.26",
"status": "affected",
"version": "4.5.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Identity Server",
"vendor": "WSO2",
"versions": [
{
"lessThan": "5.10.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "5.10.0.373",
"status": "affected",
"version": "5.10.0",
"versionType": "custom"
},
{
"lessThan": "5.11.0.417",
"status": "affected",
"version": "5.11.0",
"versionType": "custom"
},
{
"lessThan": "6.0.0.247",
"status": "affected",
"version": "6.0.0",
"versionType": "custom"
},
{
"lessThan": "6.1.0.246",
"status": "affected",
"version": "6.1.0",
"versionType": "custom"
},
{
"lessThan": "7.0.0.122",
"status": "affected",
"version": "7.0.0",
"versionType": "custom"
},
{
"lessThan": "7.1.0.29",
"status": "affected",
"version": "7.1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Open Banking AM",
"vendor": "WSO2",
"versions": [
{
"lessThan": "2.0.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "2.0.0.393",
"status": "affected",
"version": "2.0.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Identity Server as Key Manager",
"vendor": "WSO2",
"versions": [
{
"lessThan": "5.10.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "5.10.0.363",
"status": "affected",
"version": "5.10.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Enterprise Integrator",
"vendor": "WSO2",
"versions": [
{
"lessThan": "6.6.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "6.6.0.223",
"status": "affected",
"version": "6.6.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 API Control Plane",
"vendor": "WSO2",
"versions": [
{
"lessThan": "4.5.0.27",
"status": "affected",
"version": "4.5.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Universal Gateway",
"vendor": "WSO2",
"versions": [
{
"lessThan": "4.5.0.25",
"status": "affected",
"version": "4.5.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Traffic Manager",
"vendor": "WSO2",
"versions": [
{
"lessThan": "4.5.0.25",
"status": "affected",
"version": "4.5.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"packageName": "org.wso2.carbon.registry:org.wso2.carbon.registry.info.ui",
"product": "org.wso2.carbon.registry:org.wso2.carbon.registry.info.ui",
"vendor": "WSO2",
"versions": [
{
"lessThan": "4.7.32.14",
"status": "affected",
"version": "4.7.32",
"versionType": "custom"
},
{
"lessThan": "4.7.35.11",
"status": "affected",
"version": "4.7.35",
"versionType": "custom"
},
{
"lessThan": "4.7.39.9",
"status": "affected",
"version": "4.7.39",
"versionType": "custom"
},
{
"lessThan": "4.7.51.4",
"status": "affected",
"version": "4.7.51",
"versionType": "custom"
},
{
"lessThan": "4.8.3.9",
"status": "affected",
"version": "4.8.3",
"versionType": "custom"
},
{
"lessThan": "4.8.13.6",
"status": "affected",
"version": "4.8.13",
"versionType": "custom"
},
{
"lessThan": "4.8.32.3",
"status": "affected",
"version": "4.8.32",
"versionType": "custom"
},
{
"lessThan": "4.8.36.1",
"status": "affected",
"version": "4.8.36",
"versionType": "custom"
},
{
"lessThan": "4.8.43.1",
"status": "affected",
"version": "4.8.43",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "4.8.47",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"packageName": "org.wso2.carbon.registry:org.wso2.carbon.registry.resource.ui",
"product": "org.wso2.carbon.registry:org.wso2.carbon.registry.resource.ui",
"vendor": "WSO2",
"versions": [
{
"lessThan": "4.7.24.7",
"status": "affected",
"version": "4.7.24",
"versionType": "custom"
},
{
"lessThan": "4.7.32.14",
"status": "affected",
"version": "4.7.32",
"versionType": "custom"
},
{
"lessThan": "4.7.33.13",
"status": "affected",
"version": "4.7.33",
"versionType": "custom"
},
{
"lessThan": "4.7.35.11",
"status": "affected",
"version": "4.7.35",
"versionType": "custom"
},
{
"lessThan": "4.7.39.9",
"status": "affected",
"version": "4.7.39",
"versionType": "custom"
},
{
"lessThan": "4.7.51.4",
"status": "affected",
"version": "4.7.51",
"versionType": "custom"
},
{
"lessThan": "4.8.3.9",
"status": "affected",
"version": "4.8.3",
"versionType": "custom"
},
{
"lessThan": "4.8.9.5",
"status": "affected",
"version": "4.8.9",
"versionType": "custom"
},
{
"lessThan": "4.8.12.5",
"status": "affected",
"version": "4.8.12",
"versionType": "custom"
},
{
"lessThan": "4.8.13.6",
"status": "affected",
"version": "4.8.13",
"versionType": "custom"
},
{
"lessThan": "4.8.24.3",
"status": "affected",
"version": "4.8.24",
"versionType": "custom"
},
{
"lessThan": "4.8.32.3",
"status": "affected",
"version": "4.8.32",
"versionType": "custom"
},
{
"lessThan": "4.8.36.1",
"status": "affected",
"version": "4.8.36",
"versionType": "custom"
},
{
"lessThan": "4.8.43.1",
"status": "affected",
"version": "4.8.43",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "4.8.47",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"packageName": "org.wso2.carbon.governance:org.wso2.carbon.governance.wsdltool.ui",
"product": "org.wso2.carbon.governance:org.wso2.carbon.governance.wsdltool.ui",
"vendor": "WSO2",
"versions": [
{
"lessThan": "4.8.19.5",
"status": "affected",
"version": "4.8.19",
"versionType": "custom"
},
{
"lessThan": "4.8.21.9",
"status": "affected",
"version": "4.8.21",
"versionType": "custom"
},
{
"lessThan": "4.8.28.3",
"status": "affected",
"version": "4.8.28",
"versionType": "custom"
},
{
"lessThan": "4.8.30.3",
"status": "affected",
"version": "4.8.30",
"versionType": "custom"
},
{
"lessThan": "4.8.32.1",
"status": "affected",
"version": "4.8.32",
"versionType": "custom"
},
{
"lessThan": "4.8.33.3",
"status": "affected",
"version": "4.8.33",
"versionType": "custom"
},
{
"lessThan": "4.8.34.3",
"status": "affected",
"version": "4.8.34",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "4.8.35",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"packageName": "org.wso2.carbon.identity.inbound.auth.oauth2:org.wso2.carbon.identity.oauth.ui",
"product": "org.wso2.carbon.identity.inbound.auth.oauth2:org.wso2.carbon.identity.oauth.ui",
"vendor": "WSO2",
"versions": [
{
"lessThan": "6.4.2.165",
"status": "affected",
"version": "6.4.2",
"versionType": "custom"
},
{
"lessThan": "6.4.111.155",
"status": "affected",
"version": "6.4.111",
"versionType": "custom"
},
{
"lessThan": "6.4.176.28",
"status": "affected",
"version": "6.4.176",
"versionType": "custom"
},
{
"lessThan": "6.4.180.12",
"status": "affected",
"version": "6.4.180",
"versionType": "custom"
},
{
"lessThan": "6.9.6.26",
"status": "affected",
"version": "6.9.6",
"versionType": "custom"
},
{
"lessThan": "6.13.16.19",
"status": "affected",
"version": "6.13.16",
"versionType": "custom"
},
{
"lessThan": "6.13.19.12",
"status": "affected",
"version": "6.13.19",
"versionType": "custom"
},
{
"lessThan": "6.13.27.5",
"status": "affected",
"version": "6.13.27",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.13.*",
"status": "unaffected",
"version": "6.13.38",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "7.0.349",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:wso2_open_banking_iam:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.0.0.413",
"versionStartIncluding": "2.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.1.0.344",
"versionStartIncluding": "3.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.2.0.445",
"versionStartIncluding": "3.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.2.1.65",
"versionStartIncluding": "3.2.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.0.0.365",
"versionStartIncluding": "4.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.1.0.227",
"versionStartIncluding": "4.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.2.0.167",
"versionStartIncluding": "4.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.3.0.79",
"versionStartIncluding": "4.3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.4.0.43",
"versionStartIncluding": "4.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.5.0.26",
"versionStartIncluding": "4.5.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:wso2_identity_server:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.10.0.373",
"versionStartIncluding": "5.10.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_identity_server:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.11.0.417",
"versionStartIncluding": "5.11.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_identity_server:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.0.0.247",
"versionStartIncluding": "6.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_identity_server:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.1.0.246",
"versionStartIncluding": "6.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_identity_server:*:*:*:*:*:*:*:*",
"versionEndExcluding": "7.0.0.122",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_identity_server:*:*:*:*:*:*:*:*",
"versionEndExcluding": "7.1.0.29",
"versionStartIncluding": "7.1.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:wso2_open_banking_am:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.0.0.393",
"versionStartIncluding": "2.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:wso2_identity_server_as_key_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.10.0.363",
"versionStartIncluding": "5.10.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:wso2_enterprise_integrator:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.6.0.223",
"versionStartIncluding": "6.6.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:wso2_api_control_plane:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.5.0.27",
"versionStartIncluding": "4.5.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:wso2_universal_gateway:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.5.0.25",
"versionStartIncluding": "4.5.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:wso2_traffic_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.5.0.25",
"versionStartIncluding": "4.5.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.registry_org.wso2.carbon.registry.info.ui:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.7.32.14",
"versionStartIncluding": "4.7.32",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.registry_org.wso2.carbon.registry.info.ui:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.7.35.11",
"versionStartIncluding": "4.7.35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.registry_org.wso2.carbon.registry.info.ui:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.7.39.9",
"versionStartIncluding": "4.7.39",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.registry_org.wso2.carbon.registry.info.ui:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.7.51.4",
"versionStartIncluding": "4.7.51",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.registry_org.wso2.carbon.registry.info.ui:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.8.3.9",
"versionStartIncluding": "4.8.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.registry_org.wso2.carbon.registry.info.ui:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.8.13.6",
"versionStartIncluding": "4.8.13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.registry_org.wso2.carbon.registry.info.ui:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.8.32.3",
"versionStartIncluding": "4.8.32",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.registry_org.wso2.carbon.registry.info.ui:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.8.36.1",
"versionStartIncluding": "4.8.36",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.registry_org.wso2.carbon.registry.info.ui:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.8.43.1",
"versionStartIncluding": "4.8.43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.registry_org.wso2.carbon.registry.info.ui:*:*:*:*:*:*:*:*",
"versionEndIncluding": "*",
"versionStartIncluding": "4.8.47",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.registry_org.wso2.carbon.registry.resource.ui:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.7.24.7",
"versionStartIncluding": "4.7.24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.registry_org.wso2.carbon.registry.resource.ui:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.7.32.14",
"versionStartIncluding": "4.7.32",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.registry_org.wso2.carbon.registry.resource.ui:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.7.33.13",
"versionStartIncluding": "4.7.33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.registry_org.wso2.carbon.registry.resource.ui:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.7.35.11",
"versionStartIncluding": "4.7.35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.registry_org.wso2.carbon.registry.resource.ui:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.7.39.9",
"versionStartIncluding": "4.7.39",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.registry_org.wso2.carbon.registry.resource.ui:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.7.51.4",
"versionStartIncluding": "4.7.51",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.registry_org.wso2.carbon.registry.resource.ui:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.8.3.9",
"versionStartIncluding": "4.8.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.registry_org.wso2.carbon.registry.resource.ui:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.8.9.5",
"versionStartIncluding": "4.8.9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.registry_org.wso2.carbon.registry.resource.ui:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.8.12.5",
"versionStartIncluding": "4.8.12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.registry_org.wso2.carbon.registry.resource.ui:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.8.13.6",
"versionStartIncluding": "4.8.13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.registry_org.wso2.carbon.registry.resource.ui:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.8.24.3",
"versionStartIncluding": "4.8.24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.registry_org.wso2.carbon.registry.resource.ui:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.8.32.3",
"versionStartIncluding": "4.8.32",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.registry_org.wso2.carbon.registry.resource.ui:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.8.36.1",
"versionStartIncluding": "4.8.36",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.registry_org.wso2.carbon.registry.resource.ui:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.8.43.1",
"versionStartIncluding": "4.8.43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.registry_org.wso2.carbon.registry.resource.ui:*:*:*:*:*:*:*:*",
"versionEndIncluding": "*",
"versionStartIncluding": "4.8.47",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.governance_org.wso2.carbon.governance.wsdltool.ui:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.8.19.5",
"versionStartIncluding": "4.8.19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.governance_org.wso2.carbon.governance.wsdltool.ui:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.8.21.9",
"versionStartIncluding": "4.8.21",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.governance_org.wso2.carbon.governance.wsdltool.ui:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.8.28.3",
"versionStartIncluding": "4.8.28",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.governance_org.wso2.carbon.governance.wsdltool.ui:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.8.30.3",
"versionStartIncluding": "4.8.30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.governance_org.wso2.carbon.governance.wsdltool.ui:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.8.32.1",
"versionStartIncluding": "4.8.32",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.governance_org.wso2.carbon.governance.wsdltool.ui:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.8.33.3",
"versionStartIncluding": "4.8.33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.governance_org.wso2.carbon.governance.wsdltool.ui:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.8.34.3",
"versionStartIncluding": "4.8.34",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.governance_org.wso2.carbon.governance.wsdltool.ui:*:*:*:*:*:*:*:*",
"versionEndIncluding": "*",
"versionStartIncluding": "4.8.35",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.identity.inbound.auth.oauth2_org.wso2.carbon.identity.oauth.ui:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.4.2.165",
"versionStartIncluding": "6.4.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.identity.inbound.auth.oauth2_org.wso2.carbon.identity.oauth.ui:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.4.111.155",
"versionStartIncluding": "6.4.111",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.identity.inbound.auth.oauth2_org.wso2.carbon.identity.oauth.ui:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.4.176.28",
"versionStartIncluding": "6.4.176",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.identity.inbound.auth.oauth2_org.wso2.carbon.identity.oauth.ui:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.4.180.12",
"versionStartIncluding": "6.4.180",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.identity.inbound.auth.oauth2_org.wso2.carbon.identity.oauth.ui:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.9.6.26",
"versionStartIncluding": "6.9.6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.identity.inbound.auth.oauth2_org.wso2.carbon.identity.oauth.ui:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.13.16.19",
"versionStartIncluding": "6.13.16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.identity.inbound.auth.oauth2_org.wso2.carbon.identity.oauth.ui:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.13.19.12",
"versionStartIncluding": "6.13.19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.identity.inbound.auth.oauth2_org.wso2.carbon.identity.oauth.ui:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.13.27.5",
"versionStartIncluding": "6.13.27",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.identity.inbound.auth.oauth2_org.wso2.carbon.identity.oauth.ui:*:*:*:*:*:*:*:*",
"versionEndIncluding": "6.13.*",
"versionStartIncluding": "6.13.38",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.identity.inbound.auth.oauth2_org.wso2.carbon.identity.oauth.ui:*:*:*:*:*:*:*:*",
"versionEndIncluding": "*",
"versionStartIncluding": "7.0.349",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "crnkovi\u0107"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A reflected cross-site scripting (XSS) vulnerability exists in the management console of multiple WSO2 products due to improper output encoding. By tampering with specific parameters, a malicious actor can inject arbitrary JavaScript into the response, leading to reflected XSS.\u003cbr\u003e\u003cbr\u003eSuccessful exploitation could result in UI manipulation, redirection to malicious websites, or data theft from the browser. However, session-related sensitive cookies are protected with the httpOnly flag, which mitigates the risk of session hijacking."
}
],
"value": "A reflected cross-site scripting (XSS) vulnerability exists in the management console of multiple WSO2 products due to improper output encoding. By tampering with specific parameters, a malicious actor can inject arbitrary JavaScript into the response, leading to reflected XSS.\n\nSuccessful exploitation could result in UI manipulation, redirection to malicious websites, or data theft from the browser. However, session-related sensitive cookies are protected with the httpOnly flag, which mitigates the risk of session hijacking."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or \u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-05T19:21:32.971Z",
"orgId": "ed10eef1-636d-4fbe-9993-6890dfa878f8",
"shortName": "WSO2"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-4486/"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: transparent;\"\u003eFollow the instructions given on \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-4486/#solution\"\u003e\u003cspan style=\"background-color: transparent;\"\u003ehttps://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-4486/#solution\u003c/span\u003e\u003c/a\u003e \u003cbr\u003e"
}
],
"value": "Follow the instructions given on https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-4486/#solution"
}
],
"source": {
"advisory": "WSO2-2025-4486",
"discovery": "EXTERNAL"
},
"title": "Reflected Cross-Site Scripting (XSS) in Management Console of Multiple WSO2 Products Due to Improper Output Encoding",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "ed10eef1-636d-4fbe-9993-6890dfa878f8",
"assignerShortName": "WSO2",
"cveId": "CVE-2025-10853",
"datePublished": "2025-11-05T19:21:32.971Z",
"dateReserved": "2025-09-22T10:42:09.872Z",
"dateUpdated": "2025-11-05T19:58:21.875Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-5770 (GCVE-0-2025-5770)
Vulnerability from cvelistv5 – Published: 2025-11-05 19:02 – Updated: 2025-11-05 20:13
VLAI?
Summary
A reflected cross-site scripting (XSS) vulnerability exists in the authentication endpoints of multiple WSO2 products due to a lack of output encoding. A malicious actor can inject arbitrary JavaScript payloads into the authentication endpoint, which are reflected back in the response, enabling browser-based attacks.
Exploitation may result in redirection to malicious websites, UI manipulation, or unauthorized data access from the victim’s browser. However, session-related cookies are protected with the httpOnly flag, which mitigates session hijacking via this vector.
Severity ?
6.1 (Medium)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| WSO2 | WSO2 Identity Server |
Unknown:
0 , < 6.0.0
(custom)
Affected: 6.0.0 , < 6.0.0.247 (custom) Affected: 6.1.0 , < 6.1.0.246 (custom) Affected: 7.0.0 , < 7.0.0.122 (custom) Affected: 7.1.0 , < 7.1.0.29 (custom) |
||||||||||||
|
||||||||||||||
Credits
crnković
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-5770",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-05T20:12:48.724294Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-11-05T20:13:05.330Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "WSO2 Identity Server",
"vendor": "WSO2",
"versions": [
{
"lessThan": "6.0.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "6.0.0.247",
"status": "affected",
"version": "6.0.0",
"versionType": "custom"
},
{
"lessThan": "6.1.0.246",
"status": "affected",
"version": "6.1.0",
"versionType": "custom"
},
{
"lessThan": "7.0.0.122",
"status": "affected",
"version": "7.0.0",
"versionType": "custom"
},
{
"lessThan": "7.1.0.29",
"status": "affected",
"version": "7.1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 API Manager",
"vendor": "WSO2",
"versions": [
{
"lessThan": "4.2.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "4.2.0.150",
"status": "affected",
"version": "4.2.0",
"versionType": "custom"
},
{
"lessThan": "4.3.0.63",
"status": "affected",
"version": "4.3.0",
"versionType": "custom"
},
{
"lessThan": "4.4.0.26",
"status": "affected",
"version": "4.4.0",
"versionType": "custom"
},
{
"lessThan": "4.5.0.10",
"status": "affected",
"version": "4.5.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 API Control Plane",
"vendor": "WSO2",
"versions": [
{
"lessThan": "4.5.0.11",
"status": "affected",
"version": "4.5.0",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:wso2_identity_server:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.0.0.247",
"versionStartIncluding": "6.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_identity_server:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.1.0.246",
"versionStartIncluding": "6.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_identity_server:*:*:*:*:*:*:*:*",
"versionEndExcluding": "7.0.0.122",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_identity_server:*:*:*:*:*:*:*:*",
"versionEndExcluding": "7.1.0.29",
"versionStartIncluding": "7.1.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.2.0.150",
"versionStartIncluding": "4.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.3.0.63",
"versionStartIncluding": "4.3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.4.0.26",
"versionStartIncluding": "4.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.5.0.10",
"versionStartIncluding": "4.5.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:wso2_api_control_plane:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.5.0.11",
"versionStartIncluding": "4.5.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "crnkovi\u0107"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A reflected cross-site scripting (XSS) vulnerability exists in the authentication endpoints of multiple WSO2 products due to a lack of output encoding. A malicious actor can inject arbitrary JavaScript payloads into the authentication endpoint, which are reflected back in the response, enabling browser-based attacks.\u003cbr\u003e\u003cbr\u003eExploitation may result in redirection to malicious websites, UI manipulation, or unauthorized data access from the victim\u2019s browser. However, session-related cookies are protected with the httpOnly flag, which mitigates session hijacking via this vector."
}
],
"value": "A reflected cross-site scripting (XSS) vulnerability exists in the authentication endpoints of multiple WSO2 products due to a lack of output encoding. A malicious actor can inject arbitrary JavaScript payloads into the authentication endpoint, which are reflected back in the response, enabling browser-based attacks.\n\nExploitation may result in redirection to malicious websites, UI manipulation, or unauthorized data access from the victim\u2019s browser. However, session-related cookies are protected with the httpOnly flag, which mitigates session hijacking via this vector."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or \u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-05T19:02:48.434Z",
"orgId": "ed10eef1-636d-4fbe-9993-6890dfa878f8",
"shortName": "WSO2"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-4270/"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: transparent;\"\u003eFollow the instructions given on \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-4270/#solution\"\u003e\u003cspan style=\"background-color: transparent;\"\u003ehttps://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-4270/#solution\u003c/span\u003e\u003c/a\u003e \u003cbr\u003e"
}
],
"value": "Follow the instructions given on https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-4270/#solution"
}
],
"source": {
"advisory": "WSO2-2025-4270",
"discovery": "EXTERNAL"
},
"title": "Reflected Cross-Site Scripting (XSS) in Authentication Endpoints of Multiple WSO2 Products",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "ed10eef1-636d-4fbe-9993-6890dfa878f8",
"assignerShortName": "WSO2",
"cveId": "CVE-2025-5770",
"datePublished": "2025-11-05T19:02:48.434Z",
"dateReserved": "2025-06-06T06:00:39.196Z",
"dateUpdated": "2025-11-05T20:13:05.330Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-11093 (GCVE-0-2025-11093)
Vulnerability from cvelistv5 – Published: 2025-11-05 18:31 – Updated: 2025-11-05 19:39
VLAI?
Summary
An arbitrary code execution vulnerability exists in multiple WSO2 products due to insufficient restrictions in the GraalJS and NashornJS Script Mediator engines. Authenticated users with elevated privileges can execute arbitrary code within the integration runtime environment.
By default, access to these scripting engines is limited to administrators in WSO2 Micro Integrator and WSO2 Enterprise Integrator, while in WSO2 API Manager, access extends to both administrators and API creators. This may allow trusted-but-privileged users to perform unauthorized actions or compromise the execution environment.
Severity ?
8.4 (High)
CWE
- CWE-94 - Improper Control of Generation of Code ('Code Injection')
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| WSO2 | WSO2 Micro Integrator |
Unknown:
0 , < 4.0.0
(custom)
Affected: 4.0.0 , < 4.0.0.145 (custom) Affected: 4.1.0 , < 4.1.0.147 (custom) Affected: 4.2.0 , < 4.2.0.141 (custom) Affected: 4.3.0 , < 4.3.0.42 (custom) Affected: 4.4.0 , < 4.4.0.27 (custom) |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
Credits
crnković
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-11093",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-05T19:14:13.042418Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-11-05T19:39:15.696Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "WSO2 Micro Integrator",
"vendor": "WSO2",
"versions": [
{
"lessThan": "4.0.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "4.0.0.145",
"status": "affected",
"version": "4.0.0",
"versionType": "custom"
},
{
"lessThan": "4.1.0.147",
"status": "affected",
"version": "4.1.0",
"versionType": "custom"
},
{
"lessThan": "4.2.0.141",
"status": "affected",
"version": "4.2.0",
"versionType": "custom"
},
{
"lessThan": "4.3.0.42",
"status": "affected",
"version": "4.3.0",
"versionType": "custom"
},
{
"lessThan": "4.4.0.27",
"status": "affected",
"version": "4.4.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 API Manager",
"vendor": "WSO2",
"versions": [
{
"lessThan": "3.1.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "3.1.0.345",
"status": "affected",
"version": "3.1.0",
"versionType": "custom"
},
{
"lessThan": "3.2.0.446",
"status": "affected",
"version": "3.2.0",
"versionType": "custom"
},
{
"lessThan": "3.2.1.66",
"status": "affected",
"version": "3.2.1",
"versionType": "custom"
},
{
"lessThan": "4.0.0.366",
"status": "affected",
"version": "4.0.0",
"versionType": "custom"
},
{
"lessThan": "4.1.0.228",
"status": "affected",
"version": "4.1.0",
"versionType": "custom"
},
{
"lessThan": "4.2.0.169",
"status": "affected",
"version": "4.2.0",
"versionType": "custom"
},
{
"lessThan": "4.3.0.81",
"status": "affected",
"version": "4.3.0",
"versionType": "custom"
},
{
"lessThan": "4.4.0.45",
"status": "affected",
"version": "4.4.0",
"versionType": "custom"
},
{
"lessThan": "4.5.0.28",
"status": "affected",
"version": "4.5.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Enterprise Integrator",
"vendor": "WSO2",
"versions": [
{
"lessThan": "6.6.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "6.6.0.224",
"status": "affected",
"version": "6.6.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Universal Gateway",
"vendor": "WSO2",
"versions": [
{
"lessThan": "4.5.0.27",
"status": "affected",
"version": "4.5.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 API Control Plane",
"vendor": "WSO2",
"versions": [
{
"lessThan": "4.5.0.29",
"status": "affected",
"version": "4.5.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Traffic Manager",
"vendor": "WSO2",
"versions": [
{
"lessThan": "4.5.0.27",
"status": "affected",
"version": "4.5.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Open Banking IAM",
"vendor": "WSO2",
"versions": [
{
"lessThan": "2.0.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "2.0.0.414",
"status": "affected",
"version": "2.0.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Open Banking AM",
"vendor": "WSO2",
"versions": [
{
"lessThan": "2.0.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "2.0.0.394",
"status": "affected",
"version": "2.0.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Identity Server as Key Manager",
"vendor": "WSO2",
"versions": [
{
"lessThan": "5.10.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "5.10.0.365",
"status": "affected",
"version": "5.10.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"packageName": "org.apache.synapse:synapse-core",
"product": "org.apache.synapse:synapse-core",
"vendor": "WSO2",
"versions": [
{
"lessThan": "2.1.7.wso2v227_99",
"status": "affected",
"version": "2.1.7.wso2v227",
"versionType": "custom"
},
{
"lessThan": "2.1.7.wso2v271_88",
"status": "affected",
"version": "2.1.7.wso2v271",
"versionType": "custom"
},
{
"lessThan": "2.1.7.wso2v143_121",
"status": "affected",
"version": "2.1.7.wso2v143",
"versionType": "custom"
},
{
"lessThan": "2.1.7.wso2v319_13",
"status": "affected",
"version": "2.1.7.wso2v319",
"versionType": "custom"
},
{
"lessThan": "2.1.7.wso2v183_72",
"status": "affected",
"version": "2.1.7.wso2v183",
"versionType": "custom"
},
{
"lessThan": "4.0.0.wso2v119_27",
"status": "affected",
"version": "4.0.0.wso2v119",
"versionType": "custom"
},
{
"lessThan": "4.0.0.wso2v20_93",
"status": "affected",
"version": "4.0.0.wso2v20",
"versionType": "custom"
},
{
"lessThan": "4.0.0.wso2v215_26",
"status": "affected",
"version": "4.0.0.wso2v215",
"versionType": "custom"
},
{
"lessThan": "4.0.0.wso2v218_1",
"status": "affected",
"version": "4.0.0.wso2v218",
"versionType": "custom"
},
{
"lessThan": "4.0.0.wso2v105_13",
"status": "affected",
"version": "4.0.0.wso2v105",
"versionType": "custom"
},
{
"lessThan": "4.0.0.wso2v131_5",
"status": "affected",
"version": "4.0.0.wso2v131",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "4.0.0-wso2v254",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"packageName": "org.apache.synapse:synapse-extensions",
"product": "org.apache.synapse:synapse-extensions",
"vendor": "WSO2",
"versions": [
{
"lessThan": "2.1.7.wso2v227_99",
"status": "affected",
"version": "2.1.7.wso2v227",
"versionType": "custom"
},
{
"lessThan": "2.1.7.wso2v271_88",
"status": "affected",
"version": "2.1.7.wso2v271",
"versionType": "custom"
},
{
"lessThan": "2.1.7.wso2v143_121",
"status": "affected",
"version": "2.1.7.wso2v143",
"versionType": "custom"
},
{
"lessThan": "2.1.7.wso2v319_13",
"status": "affected",
"version": "2.1.7.wso2v319",
"versionType": "custom"
},
{
"lessThan": "2.1.7.wso2v183_72",
"status": "affected",
"version": "2.1.7.wso2v183",
"versionType": "custom"
},
{
"lessThan": "4.0.0.wso2v119_27",
"status": "affected",
"version": "4.0.0.wso2v119",
"versionType": "custom"
},
{
"lessThan": "4.0.0.wso2v20_93",
"status": "affected",
"version": "4.0.0.wso2v20",
"versionType": "custom"
},
{
"lessThan": "4.0.0.wso2v215_26",
"status": "affected",
"version": "4.0.0.wso2v215",
"versionType": "custom"
},
{
"lessThan": "4.0.0.wso2v218_1",
"status": "affected",
"version": "4.0.0.wso2v218",
"versionType": "custom"
},
{
"lessThan": "4.0.0.wso2v105_13",
"status": "affected",
"version": "4.0.0.wso2v105",
"versionType": "custom"
},
{
"lessThan": "4.0.0.wso2v131_5",
"status": "affected",
"version": "4.0.0.wso2v131",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "4.0.0-wso2v254",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:wso2_micro_integrator:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.0.0.145",
"versionStartIncluding": "4.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_micro_integrator:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.1.0.147",
"versionStartIncluding": "4.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_micro_integrator:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.2.0.141",
"versionStartIncluding": "4.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_micro_integrator:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.3.0.42",
"versionStartIncluding": "4.3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_micro_integrator:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.4.0.27",
"versionStartIncluding": "4.4.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.1.0.345",
"versionStartIncluding": "3.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.2.0.446",
"versionStartIncluding": "3.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.2.1.66",
"versionStartIncluding": "3.2.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.0.0.366",
"versionStartIncluding": "4.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.1.0.228",
"versionStartIncluding": "4.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.2.0.169",
"versionStartIncluding": "4.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.3.0.81",
"versionStartIncluding": "4.3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.4.0.45",
"versionStartIncluding": "4.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.5.0.28",
"versionStartIncluding": "4.5.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:wso2_enterprise_integrator:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.6.0.224",
"versionStartIncluding": "6.6.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:wso2_universal_gateway:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.5.0.27",
"versionStartIncluding": "4.5.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:wso2_api_control_plane:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.5.0.29",
"versionStartIncluding": "4.5.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:wso2_traffic_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.5.0.27",
"versionStartIncluding": "4.5.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:wso2_open_banking_iam:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.0.0.414",
"versionStartIncluding": "2.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:wso2_open_banking_am:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.0.0.394",
"versionStartIncluding": "2.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:wso2_identity_server_as_key_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.10.0.365",
"versionStartIncluding": "5.10.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:org.apache.synapse_synapse-core:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.1.7.wso2v227_99",
"versionStartIncluding": "2.1.7.wso2v227",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.apache.synapse_synapse-core:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.1.7.wso2v271_88",
"versionStartIncluding": "2.1.7.wso2v271",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.apache.synapse_synapse-core:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.1.7.wso2v143_121",
"versionStartIncluding": "2.1.7.wso2v143",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.apache.synapse_synapse-core:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.1.7.wso2v319_13",
"versionStartIncluding": "2.1.7.wso2v319",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.apache.synapse_synapse-core:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.1.7.wso2v183_72",
"versionStartIncluding": "2.1.7.wso2v183",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.apache.synapse_synapse-core:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.0.0.wso2v119_27",
"versionStartIncluding": "4.0.0.wso2v119",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.apache.synapse_synapse-core:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.0.0.wso2v20_93",
"versionStartIncluding": "4.0.0.wso2v20",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.apache.synapse_synapse-core:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.0.0.wso2v215_26",
"versionStartIncluding": "4.0.0.wso2v215",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.apache.synapse_synapse-core:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.0.0.wso2v218_1",
"versionStartIncluding": "4.0.0.wso2v218",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.apache.synapse_synapse-core:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.0.0.wso2v105_13",
"versionStartIncluding": "4.0.0.wso2v105",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.apache.synapse_synapse-core:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.0.0.wso2v131_5",
"versionStartIncluding": "4.0.0.wso2v131",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.apache.synapse_synapse-core:*:*:*:*:*:*:*:*",
"versionEndIncluding": "*",
"versionStartIncluding": "4.0.0-wso2v254",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:org.apache.synapse_synapse-extensions:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.1.7.wso2v227_99",
"versionStartIncluding": "2.1.7.wso2v227",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.apache.synapse_synapse-extensions:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.1.7.wso2v271_88",
"versionStartIncluding": "2.1.7.wso2v271",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.apache.synapse_synapse-extensions:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.1.7.wso2v143_121",
"versionStartIncluding": "2.1.7.wso2v143",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.apache.synapse_synapse-extensions:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.1.7.wso2v319_13",
"versionStartIncluding": "2.1.7.wso2v319",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.apache.synapse_synapse-extensions:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.1.7.wso2v183_72",
"versionStartIncluding": "2.1.7.wso2v183",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.apache.synapse_synapse-extensions:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.0.0.wso2v119_27",
"versionStartIncluding": "4.0.0.wso2v119",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.apache.synapse_synapse-extensions:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.0.0.wso2v20_93",
"versionStartIncluding": "4.0.0.wso2v20",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.apache.synapse_synapse-extensions:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.0.0.wso2v215_26",
"versionStartIncluding": "4.0.0.wso2v215",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.apache.synapse_synapse-extensions:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.0.0.wso2v218_1",
"versionStartIncluding": "4.0.0.wso2v218",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.apache.synapse_synapse-extensions:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.0.0.wso2v105_13",
"versionStartIncluding": "4.0.0.wso2v105",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.apache.synapse_synapse-extensions:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.0.0.wso2v131_5",
"versionStartIncluding": "4.0.0.wso2v131",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.apache.synapse_synapse-extensions:*:*:*:*:*:*:*:*",
"versionEndIncluding": "*",
"versionStartIncluding": "4.0.0-wso2v254",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "crnkovi\u0107"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An arbitrary code execution vulnerability exists in multiple WSO2 products due to insufficient restrictions in the GraalJS and NashornJS Script Mediator engines. Authenticated users with elevated privileges can execute arbitrary code within the integration runtime environment.\u003cbr\u003e\u003cbr\u003eBy default, access to these scripting engines is limited to administrators in WSO2 Micro Integrator and WSO2 Enterprise Integrator, while in WSO2 API Manager, access extends to both administrators and API creators. This may allow trusted-but-privileged users to perform unauthorized actions or compromise the execution environment.\u003cbr\u003e"
}
],
"value": "An arbitrary code execution vulnerability exists in multiple WSO2 products due to insufficient restrictions in the GraalJS and NashornJS Script Mediator engines. Authenticated users with elevated privileges can execute arbitrary code within the integration runtime environment.\n\nBy default, access to these scripting engines is limited to administrators in WSO2 Micro Integrator and WSO2 Enterprise Integrator, while in WSO2 API Manager, access extends to both administrators and API creators. This may allow trusted-but-privileged users to perform unauthorized actions or compromise the execution environment."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-94",
"description": "CWE-94 Improper Control of Generation of Code (\u0027Code Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-05T18:34:04.737Z",
"orgId": "ed10eef1-636d-4fbe-9993-6890dfa878f8",
"shortName": "WSO2"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-4510/"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: transparent;\"\u003eFollow the instructions given on \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-4510/#solution\"\u003e\u003cspan style=\"background-color: transparent;\"\u003ehttps://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-4510/#solution\u003c/span\u003e\u003c/a\u003e \u003cbr\u003e"
}
],
"value": "Follow the instructions given on https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-4510/#solution"
}
],
"source": {
"advisory": "WSO2-2025-4510",
"discovery": "EXTERNAL"
},
"title": "Arbitrary Code Execution with higher privileged users in Multiple WSO2 Products via Script Mediator Engines (GraalJS and NashornJS)",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "ed10eef1-636d-4fbe-9993-6890dfa878f8",
"assignerShortName": "WSO2",
"cveId": "CVE-2025-11093",
"datePublished": "2025-11-05T18:31:17.873Z",
"dateReserved": "2025-09-27T07:10:05.485Z",
"dateUpdated": "2025-11-05T19:39:15.696Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-10907 (GCVE-0-2025-10907)
Vulnerability from cvelistv5 – Published: 2025-11-05 18:03 – Updated: 2025-11-05 18:49
VLAI?
Summary
An arbitrary file upload vulnerability exists in multiple WSO2 products due to insufficient validation of uploaded content and destination in SOAP admin services. A malicious actor with administrative privileges can upload a specially crafted file to a user-controlled location within the deployment.
Successful exploitation may lead to remote code execution (RCE) on the server, depending on how the uploaded file is processed. By default, this vulnerability is only exploitable by users with administrative access to the affected SOAP services.
Severity ?
8.4 (High)
CWE
- CWE-434 - Unrestricted Upload of File with Dangerous Type
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| WSO2 | WSO2 API Manager |
Unknown:
0 , < 3.1.0
(custom)
Affected: 3.1.0 , < 3.1.0.345 (custom) Affected: 3.2.0 , < 3.2.0.448 (custom) Affected: 3.2.1 , < 3.2.1.66 (custom) Affected: 4.0.0 , < 4.0.0.367 (custom) Affected: 4.1.0 , < 4.1.0.230 (custom) Affected: 4.2.0 , < 4.2.0.169 (custom) Affected: 4.3.0 , < 4.3.0.81 (custom) Affected: 4.4.0 , < 4.4.0.45 (custom) Affected: 4.5.0 , < 4.5.0.28 (custom) |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Credits
crnković
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-10907",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-05T18:49:26.232581Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-11-05T18:49:44.604Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "WSO2 API Manager",
"vendor": "WSO2",
"versions": [
{
"lessThan": "3.1.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "3.1.0.345",
"status": "affected",
"version": "3.1.0",
"versionType": "custom"
},
{
"lessThan": "3.2.0.448",
"status": "affected",
"version": "3.2.0",
"versionType": "custom"
},
{
"lessThan": "3.2.1.66",
"status": "affected",
"version": "3.2.1",
"versionType": "custom"
},
{
"lessThan": "4.0.0.367",
"status": "affected",
"version": "4.0.0",
"versionType": "custom"
},
{
"lessThan": "4.1.0.230",
"status": "affected",
"version": "4.1.0",
"versionType": "custom"
},
{
"lessThan": "4.2.0.169",
"status": "affected",
"version": "4.2.0",
"versionType": "custom"
},
{
"lessThan": "4.3.0.81",
"status": "affected",
"version": "4.3.0",
"versionType": "custom"
},
{
"lessThan": "4.4.0.45",
"status": "affected",
"version": "4.4.0",
"versionType": "custom"
},
{
"lessThan": "4.5.0.28",
"status": "affected",
"version": "4.5.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Open Banking IAM",
"vendor": "WSO2",
"versions": [
{
"lessThan": "2.0.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "2.0.0.414",
"status": "affected",
"version": "2.0.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Open Banking AM",
"vendor": "WSO2",
"versions": [
{
"lessThan": "2.0.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "2.0.0.394",
"status": "affected",
"version": "2.0.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 API Control Plane",
"vendor": "WSO2",
"versions": [
{
"lessThan": "4.5.0.29",
"status": "affected",
"version": "4.5.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Universal Gateway",
"vendor": "WSO2",
"versions": [
{
"lessThan": "4.5.0.27",
"status": "affected",
"version": "4.5.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Traffic Manager",
"vendor": "WSO2",
"versions": [
{
"lessThan": "4.5.0.27",
"status": "affected",
"version": "4.5.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Micro Integrator",
"vendor": "WSO2",
"versions": [
{
"lessThan": "4.0.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "4.0.0.145",
"status": "affected",
"version": "4.0.0",
"versionType": "custom"
},
{
"lessThan": "4.1.0.147",
"status": "affected",
"version": "4.1.0",
"versionType": "custom"
},
{
"lessThan": "4.2.0.141",
"status": "affected",
"version": "4.2.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Identity Server",
"vendor": "WSO2",
"versions": [
{
"lessThan": "5.10.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "5.10.0.375",
"status": "affected",
"version": "5.10.0",
"versionType": "custom"
},
{
"lessThan": "5.11.0.419",
"status": "affected",
"version": "5.11.0",
"versionType": "custom"
},
{
"lessThan": "6.0.0.248",
"status": "affected",
"version": "6.0.0",
"versionType": "custom"
},
{
"lessThan": "6.1.0.248",
"status": "affected",
"version": "6.1.0",
"versionType": "custom"
},
{
"lessThan": "7.0.0.124",
"status": "affected",
"version": "7.0.0",
"versionType": "custom"
},
{
"lessThan": "7.1.0.31",
"status": "affected",
"version": "7.1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Identity Server as Key Manager",
"vendor": "WSO2",
"versions": [
{
"lessThan": "5.10.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "5.10.0.365",
"status": "affected",
"version": "5.10.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Enterprise Integrator",
"vendor": "WSO2",
"versions": [
{
"lessThan": "6.6.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "6.6.0.224",
"status": "affected",
"version": "6.6.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"packageName": "org.jaggeryjs:org.jaggeryjs.jaggery.app.mgt",
"product": "org.jaggeryjs:org.jaggeryjs.jaggery.app.mgt",
"vendor": "WSO2",
"versions": [
{
"lessThan": "0.14.13.8",
"status": "affected",
"version": "0.14.13",
"versionType": "custom"
},
{
"lessThan": "0.14.16.1",
"status": "affected",
"version": "0.14.16",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"packageName": "org.wso2.carbon.event-processing:org.wso2.carbon.event.simulator.core",
"product": "org.wso2.carbon.event-processing:org.wso2.carbon.event.simulator.core",
"vendor": "WSO2",
"versions": [
{
"lessThan": "2.2.14.7",
"status": "affected",
"version": "2.2.14",
"versionType": "custom"
},
{
"lessThan": "2.2.17.2",
"status": "affected",
"version": "2.2.17",
"versionType": "custom"
},
{
"lessThan": "2.3.1.3",
"status": "affected",
"version": "2.3.1",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "2.3.19",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"packageName": "org.wso2.carbon.mediation:org.wso2.carbon.mediation.library",
"product": "org.wso2.carbon.mediation:org.wso2.carbon.mediation.library",
"vendor": "WSO2",
"versions": [
{
"lessThan": "4.7.30.47",
"status": "affected",
"version": "4.7.30",
"versionType": "custom"
},
{
"lessThan": "4.7.61.62",
"status": "affected",
"version": "4.7.61",
"versionType": "custom"
},
{
"lessThan": "4.7.99.304",
"status": "affected",
"version": "4.7.99",
"versionType": "custom"
},
{
"lessThan": "4.7.131.22",
"status": "affected",
"version": "4.7.131",
"versionType": "custom"
},
{
"lessThan": "4.7.175.30",
"status": "affected",
"version": "4.7.175",
"versionType": "custom"
},
{
"lessThan": "4.7.188.12",
"status": "affected",
"version": "4.7.188",
"versionType": "custom"
},
{
"lessThan": "4.7.204.13",
"status": "affected",
"version": "4.7.204",
"versionType": "custom"
},
{
"lessThan": "4.7.221.7",
"status": "affected",
"version": "4.7.221",
"versionType": "custom"
},
{
"lessThan": "4.7.245.7",
"status": "affected",
"version": "4.7.245",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "4.7.262",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"packageName": "org.wso2.carbon.deployment:org.wso2.carbon.module.mgt",
"product": "org.wso2.carbon.deployment:org.wso2.carbon.module.mgt",
"vendor": "WSO2",
"versions": [
{
"lessThan": "4.9.15.2",
"status": "affected",
"version": "4.9.15",
"versionType": "custom"
},
{
"lessThan": "4.10.1.1",
"status": "affected",
"version": "4.10.1",
"versionType": "custom"
},
{
"lessThan": "4.10.9.2",
"status": "affected",
"version": "4.10.9",
"versionType": "custom"
},
{
"lessThan": "4.11.1.3",
"status": "affected",
"version": "4.11.1",
"versionType": "custom"
},
{
"lessThan": "4.11.3.3",
"status": "affected",
"version": "4.11.3",
"versionType": "custom"
},
{
"lessThan": "4.11.7.5",
"status": "affected",
"version": "4.11.7",
"versionType": "custom"
},
{
"lessThan": "4.11.14.2",
"status": "affected",
"version": "4.11.14",
"versionType": "custom"
},
{
"lessThan": "4.11.17.3",
"status": "affected",
"version": "4.11.17",
"versionType": "custom"
},
{
"lessThan": "4.11.18.1",
"status": "affected",
"version": "4.11.18",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "4.11.24",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"packageName": "org.wso2.carbon.deployment:org.wso2.carbon.webapp.mgt",
"product": "org.wso2.carbon.deployment:org.wso2.carbon.webapp.mgt",
"vendor": "WSO2",
"versions": [
{
"lessThan": "4.10.1.1",
"status": "affected",
"version": "4.10.1",
"versionType": "custom"
},
{
"lessThan": "4.10.9.2",
"status": "affected",
"version": "4.10.9",
"versionType": "custom"
},
{
"lessThan": "4.11.1.3",
"status": "affected",
"version": "4.11.1",
"versionType": "custom"
},
{
"lessThan": "4.11.3.3",
"status": "affected",
"version": "4.11.3",
"versionType": "custom"
},
{
"lessThan": "4.11.7.5",
"status": "affected",
"version": "4.11.7",
"versionType": "custom"
},
{
"lessThan": "4.11.14.2",
"status": "affected",
"version": "4.11.14",
"versionType": "custom"
},
{
"lessThan": "4.11.17.3",
"status": "affected",
"version": "4.11.17",
"versionType": "custom"
},
{
"lessThan": "4.11.18.1",
"status": "affected",
"version": "4.11.18",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "4.11.24",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"packageName": "org.apache.ws.commons.axiom.wso2:axiom",
"product": "org.apache.ws.commons.axiom.wso2:axiom",
"vendor": "WSO2",
"versions": [
{
"lessThan": "1.2.11.wso2v17_5",
"status": "affected",
"version": "1.2.11",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "1.2.11-wso2v21",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"packageName": "org.wso2.carbon:org.wso2.carbon.base",
"product": "org.wso2.carbon:org.wso2.carbon.base",
"vendor": "WSO2",
"versions": [
{
"lessThan": "4.5.3.46",
"status": "affected",
"version": "4.5.3",
"versionType": "custom"
},
{
"lessThan": "4.6.0.2005",
"status": "affected",
"version": "4.6.0",
"versionType": "custom"
},
{
"lessThan": "4.6.1.153",
"status": "affected",
"version": "4.6.1",
"versionType": "custom"
},
{
"lessThan": "4.6.2.668",
"status": "affected",
"version": "4.6.2",
"versionType": "custom"
},
{
"lessThan": "4.6.3.37",
"status": "affected",
"version": "4.6.3",
"versionType": "custom"
},
{
"lessThan": "4.6.4.15",
"status": "affected",
"version": "4.6.4",
"versionType": "custom"
},
{
"lessThan": "4.7.1.72",
"status": "affected",
"version": "4.7.1",
"versionType": "custom"
},
{
"lessThan": "4.8.1.40",
"status": "affected",
"version": "4.8.1",
"versionType": "custom"
},
{
"lessThan": "4.9.0.103",
"status": "affected",
"version": "4.9.0",
"versionType": "custom"
},
{
"lessThan": "4.9.26.26",
"status": "affected",
"version": "4.9.26",
"versionType": "custom"
},
{
"lessThan": "4.9.27.11",
"status": "affected",
"version": "4.9.27",
"versionType": "custom"
},
{
"lessThan": "4.9.28.12",
"status": "affected",
"version": "4.9.28",
"versionType": "custom"
},
{
"lessThan": "4.10.9.71",
"status": "affected",
"version": "4.10.9",
"versionType": "custom"
},
{
"lessThan": "4.10.42.14",
"status": "affected",
"version": "4.10.42",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.9.*",
"status": "unaffected",
"version": "4.9.30",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "4.10.95",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"packageName": "org.wso2.carbon:org.wso2.carbon.utils",
"product": "org.wso2.carbon:org.wso2.carbon.utils",
"vendor": "WSO2",
"versions": [
{
"lessThan": "4.5.3.46",
"status": "affected",
"version": "4.5.3",
"versionType": "custom"
},
{
"lessThan": "4.6.0.2005",
"status": "affected",
"version": "4.6.0",
"versionType": "custom"
},
{
"lessThan": "4.6.1.153",
"status": "affected",
"version": "4.6.1",
"versionType": "custom"
},
{
"lessThan": "4.6.2.668",
"status": "affected",
"version": "4.6.2",
"versionType": "custom"
},
{
"lessThan": "4.6.3.37",
"status": "affected",
"version": "4.6.3",
"versionType": "custom"
},
{
"lessThan": "4.6.4.15",
"status": "affected",
"version": "4.6.4",
"versionType": "custom"
},
{
"lessThan": "4.7.1.72",
"status": "affected",
"version": "4.7.1",
"versionType": "custom"
},
{
"lessThan": "4.8.1.40",
"status": "affected",
"version": "4.8.1",
"versionType": "custom"
},
{
"lessThan": "4.9.0.103",
"status": "affected",
"version": "4.9.0",
"versionType": "custom"
},
{
"lessThan": "4.9.26.26",
"status": "affected",
"version": "4.9.26",
"versionType": "custom"
},
{
"lessThan": "4.9.27.11",
"status": "affected",
"version": "4.9.27",
"versionType": "custom"
},
{
"lessThan": "4.9.28.12",
"status": "affected",
"version": "4.9.28",
"versionType": "custom"
},
{
"lessThan": "4.10.9.71",
"status": "affected",
"version": "4.10.9",
"versionType": "custom"
},
{
"lessThan": "4.10.42.14",
"status": "affected",
"version": "4.10.42",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.9.*",
"status": "unaffected",
"version": "4.9.30",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "4.10.95",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.1.0.345",
"versionStartIncluding": "3.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.2.0.448",
"versionStartIncluding": "3.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.2.1.66",
"versionStartIncluding": "3.2.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.0.0.367",
"versionStartIncluding": "4.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.1.0.230",
"versionStartIncluding": "4.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.2.0.169",
"versionStartIncluding": "4.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.3.0.81",
"versionStartIncluding": "4.3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.4.0.45",
"versionStartIncluding": "4.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.5.0.28",
"versionStartIncluding": "4.5.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:wso2_open_banking_iam:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.0.0.414",
"versionStartIncluding": "2.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:wso2_open_banking_am:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.0.0.394",
"versionStartIncluding": "2.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:wso2_api_control_plane:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.5.0.29",
"versionStartIncluding": "4.5.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:wso2_universal_gateway:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.5.0.27",
"versionStartIncluding": "4.5.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:wso2_traffic_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.5.0.27",
"versionStartIncluding": "4.5.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:wso2_micro_integrator:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.0.0.145",
"versionStartIncluding": "4.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_micro_integrator:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.1.0.147",
"versionStartIncluding": "4.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_micro_integrator:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.2.0.141",
"versionStartIncluding": "4.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:wso2_identity_server:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.10.0.375",
"versionStartIncluding": "5.10.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_identity_server:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.11.0.419",
"versionStartIncluding": "5.11.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_identity_server:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.0.0.248",
"versionStartIncluding": "6.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_identity_server:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.1.0.248",
"versionStartIncluding": "6.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_identity_server:*:*:*:*:*:*:*:*",
"versionEndExcluding": "7.0.0.124",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_identity_server:*:*:*:*:*:*:*:*",
"versionEndExcluding": "7.1.0.31",
"versionStartIncluding": "7.1.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:wso2_identity_server_as_key_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.10.0.365",
"versionStartIncluding": "5.10.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:wso2_enterprise_integrator:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.6.0.224",
"versionStartIncluding": "6.6.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:org.jaggeryjs_org.jaggeryjs.jaggery.app.mgt:*:*:*:*:*:*:*:*",
"versionEndExcluding": "0.14.13.8",
"versionStartIncluding": "0.14.13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.jaggeryjs_org.jaggeryjs.jaggery.app.mgt:*:*:*:*:*:*:*:*",
"versionEndExcluding": "0.14.16.1",
"versionStartIncluding": "0.14.16",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.event-processing_org.wso2.carbon.event.simulator.core:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.2.14.7",
"versionStartIncluding": "2.2.14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.event-processing_org.wso2.carbon.event.simulator.core:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.2.17.2",
"versionStartIncluding": "2.2.17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.event-processing_org.wso2.carbon.event.simulator.core:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.3.1.3",
"versionStartIncluding": "2.3.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.event-processing_org.wso2.carbon.event.simulator.core:*:*:*:*:*:*:*:*",
"versionEndIncluding": "*",
"versionStartIncluding": "2.3.19",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.mediation_org.wso2.carbon.mediation.library:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.7.30.47",
"versionStartIncluding": "4.7.30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.mediation_org.wso2.carbon.mediation.library:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.7.61.62",
"versionStartIncluding": "4.7.61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.mediation_org.wso2.carbon.mediation.library:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.7.99.304",
"versionStartIncluding": "4.7.99",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.mediation_org.wso2.carbon.mediation.library:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.7.131.22",
"versionStartIncluding": "4.7.131",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.mediation_org.wso2.carbon.mediation.library:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.7.175.30",
"versionStartIncluding": "4.7.175",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.mediation_org.wso2.carbon.mediation.library:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.7.188.12",
"versionStartIncluding": "4.7.188",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.mediation_org.wso2.carbon.mediation.library:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.7.204.13",
"versionStartIncluding": "4.7.204",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.mediation_org.wso2.carbon.mediation.library:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.7.221.7",
"versionStartIncluding": "4.7.221",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.mediation_org.wso2.carbon.mediation.library:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.7.245.7",
"versionStartIncluding": "4.7.245",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.mediation_org.wso2.carbon.mediation.library:*:*:*:*:*:*:*:*",
"versionEndIncluding": "*",
"versionStartIncluding": "4.7.262",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.deployment_org.wso2.carbon.module.mgt:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.9.15.2",
"versionStartIncluding": "4.9.15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.deployment_org.wso2.carbon.module.mgt:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.10.1.1",
"versionStartIncluding": "4.10.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.deployment_org.wso2.carbon.module.mgt:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.10.9.2",
"versionStartIncluding": "4.10.9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.deployment_org.wso2.carbon.module.mgt:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.11.1.3",
"versionStartIncluding": "4.11.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.deployment_org.wso2.carbon.module.mgt:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.11.3.3",
"versionStartIncluding": "4.11.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.deployment_org.wso2.carbon.module.mgt:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.11.7.5",
"versionStartIncluding": "4.11.7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.deployment_org.wso2.carbon.module.mgt:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.11.14.2",
"versionStartIncluding": "4.11.14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.deployment_org.wso2.carbon.module.mgt:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.11.17.3",
"versionStartIncluding": "4.11.17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.deployment_org.wso2.carbon.module.mgt:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.11.18.1",
"versionStartIncluding": "4.11.18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.deployment_org.wso2.carbon.module.mgt:*:*:*:*:*:*:*:*",
"versionEndIncluding": "*",
"versionStartIncluding": "4.11.24",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.deployment_org.wso2.carbon.webapp.mgt:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.10.1.1",
"versionStartIncluding": "4.10.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.deployment_org.wso2.carbon.webapp.mgt:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.10.9.2",
"versionStartIncluding": "4.10.9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.deployment_org.wso2.carbon.webapp.mgt:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.11.1.3",
"versionStartIncluding": "4.11.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.deployment_org.wso2.carbon.webapp.mgt:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.11.3.3",
"versionStartIncluding": "4.11.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.deployment_org.wso2.carbon.webapp.mgt:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.11.7.5",
"versionStartIncluding": "4.11.7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.deployment_org.wso2.carbon.webapp.mgt:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.11.14.2",
"versionStartIncluding": "4.11.14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.deployment_org.wso2.carbon.webapp.mgt:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.11.17.3",
"versionStartIncluding": "4.11.17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.deployment_org.wso2.carbon.webapp.mgt:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.11.18.1",
"versionStartIncluding": "4.11.18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.deployment_org.wso2.carbon.webapp.mgt:*:*:*:*:*:*:*:*",
"versionEndIncluding": "*",
"versionStartIncluding": "4.11.24",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:org.apache.ws.commons.axiom.wso2_axiom:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.2.11.wso2v17_5",
"versionStartIncluding": "1.2.11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.apache.ws.commons.axiom.wso2_axiom:*:*:*:*:*:*:*:*",
"versionEndIncluding": "*",
"versionStartIncluding": "1.2.11-wso2v21",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.base:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.5.3.46",
"versionStartIncluding": "4.5.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.base:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.6.0.2005",
"versionStartIncluding": "4.6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.base:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.6.1.153",
"versionStartIncluding": "4.6.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.base:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.6.2.668",
"versionStartIncluding": "4.6.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.base:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.6.3.37",
"versionStartIncluding": "4.6.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.base:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.6.4.15",
"versionStartIncluding": "4.6.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.base:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.7.1.72",
"versionStartIncluding": "4.7.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.base:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.8.1.40",
"versionStartIncluding": "4.8.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.base:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.9.0.103",
"versionStartIncluding": "4.9.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.base:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.9.26.26",
"versionStartIncluding": "4.9.26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.base:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.9.27.11",
"versionStartIncluding": "4.9.27",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.base:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.9.28.12",
"versionStartIncluding": "4.9.28",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.base:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.10.9.71",
"versionStartIncluding": "4.10.9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.base:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.10.42.14",
"versionStartIncluding": "4.10.42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.base:*:*:*:*:*:*:*:*",
"versionEndIncluding": "4.9.*",
"versionStartIncluding": "4.9.30",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.base:*:*:*:*:*:*:*:*",
"versionEndIncluding": "*",
"versionStartIncluding": "4.10.95",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.utils:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.5.3.46",
"versionStartIncluding": "4.5.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.utils:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.6.0.2005",
"versionStartIncluding": "4.6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.utils:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.6.1.153",
"versionStartIncluding": "4.6.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.utils:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.6.2.668",
"versionStartIncluding": "4.6.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.utils:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.6.3.37",
"versionStartIncluding": "4.6.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.utils:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.6.4.15",
"versionStartIncluding": "4.6.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.utils:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.7.1.72",
"versionStartIncluding": "4.7.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.utils:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.8.1.40",
"versionStartIncluding": "4.8.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.utils:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.9.0.103",
"versionStartIncluding": "4.9.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.utils:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.9.26.26",
"versionStartIncluding": "4.9.26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.utils:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.9.27.11",
"versionStartIncluding": "4.9.27",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.utils:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.9.28.12",
"versionStartIncluding": "4.9.28",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.utils:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.10.9.71",
"versionStartIncluding": "4.10.9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.utils:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.10.42.14",
"versionStartIncluding": "4.10.42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.utils:*:*:*:*:*:*:*:*",
"versionEndIncluding": "4.9.*",
"versionStartIncluding": "4.9.30",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.utils:*:*:*:*:*:*:*:*",
"versionEndIncluding": "*",
"versionStartIncluding": "4.10.95",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "crnkovi\u0107"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An arbitrary file upload vulnerability exists in multiple WSO2 products due to insufficient validation of uploaded content and destination in SOAP admin services. A malicious actor with administrative privileges can upload a specially crafted file to a user-controlled location within the deployment.\u003cbr\u003e\u003cbr\u003eSuccessful exploitation may lead to remote code execution (RCE) on the server, depending on how the uploaded file is processed. By default, this vulnerability is only exploitable by users with administrative access to the affected SOAP services.\u003cbr\u003e"
}
],
"value": "An arbitrary file upload vulnerability exists in multiple WSO2 products due to insufficient validation of uploaded content and destination in SOAP admin services. A malicious actor with administrative privileges can upload a specially crafted file to a user-controlled location within the deployment.\n\nSuccessful exploitation may lead to remote code execution (RCE) on the server, depending on how the uploaded file is processed. By default, this vulnerability is only exploitable by users with administrative access to the affected SOAP services."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-434",
"description": "CWE-434 Unrestricted Upload of File with Dangerous Type",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-05T18:03:49.831Z",
"orgId": "ed10eef1-636d-4fbe-9993-6890dfa878f8",
"shortName": "WSO2"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-4603/"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: transparent;\"\u003eFollow the instructions given on \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-4603/#solution\"\u003e\u003cspan style=\"background-color: transparent;\"\u003ehttps://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-4603/#solution\u003c/span\u003e\u003c/a\u003e \u003cbr\u003e"
}
],
"value": "Follow the instructions given on https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-4603/#solution"
}
],
"source": {
"advisory": "WSO2-2025-4603",
"discovery": "EXTERNAL"
},
"title": "Authenticated Arbitrary File Upload in Multiple WSO2 Products via SOAP Admin Services Leading to Remote Code Execution",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "ed10eef1-636d-4fbe-9993-6890dfa878f8",
"assignerShortName": "WSO2",
"cveId": "CVE-2025-10907",
"datePublished": "2025-11-05T18:03:49.831Z",
"dateReserved": "2025-09-24T09:25:09.461Z",
"dateUpdated": "2025-11-05T18:49:44.604Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-10713 (GCVE-0-2025-10713)
Vulnerability from cvelistv5 – Published: 2025-11-05 17:18 – Updated: 2025-11-05 18:15
VLAI?
Summary
An XML External Entity (XXE) vulnerability exists in multiple WSO2 products due to improper configuration of the XML parser. The application parses user-supplied XML without applying sufficient restrictions, allowing resolution of external entities.
A successful attack could enable a remote, unauthenticated attacker to read sensitive files from the server's filesystem or perform denial-of-service (DoS) attacks that render affected services unavailable.
Severity ?
6.5 (Medium)
CWE
- CWE-611 - Improper Restriction of XML External Entity Reference
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| WSO2 | WSO2 Enterprise Integrator |
Unknown:
0 , < 6.6.0
(custom)
Affected: 6.6.0 , < 6.6.0.223 (custom) |
|||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||
Credits
crnković
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-10713",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-05T18:15:46.961845Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-11-05T18:15:56.913Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "WSO2 Enterprise Integrator",
"vendor": "WSO2",
"versions": [
{
"lessThan": "6.6.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "6.6.0.223",
"status": "affected",
"version": "6.6.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 API Control Plane",
"vendor": "WSO2",
"versions": [
{
"lessThan": "4.5.0.27",
"status": "affected",
"version": "4.5.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Universal Gateway",
"vendor": "WSO2",
"versions": [
{
"lessThan": "4.5.0.25",
"status": "affected",
"version": "4.5.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Traffic Manager",
"vendor": "WSO2",
"versions": [
{
"lessThan": "4.5.0.25",
"status": "affected",
"version": "4.5.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 API Manager",
"vendor": "WSO2",
"versions": [
{
"lessThan": "3.1.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "3.1.0.344",
"status": "affected",
"version": "3.1.0",
"versionType": "custom"
},
{
"lessThan": "3.2.0.445",
"status": "affected",
"version": "3.2.0",
"versionType": "custom"
},
{
"lessThan": "3.2.1.65",
"status": "affected",
"version": "3.2.1",
"versionType": "custom"
},
{
"lessThan": "4.0.0.365",
"status": "affected",
"version": "4.0.0",
"versionType": "custom"
},
{
"lessThan": "4.1.0.227",
"status": "affected",
"version": "4.1.0",
"versionType": "custom"
},
{
"lessThan": "4.2.0.167",
"status": "affected",
"version": "4.2.0",
"versionType": "custom"
},
{
"lessThan": "4.3.0.79",
"status": "affected",
"version": "4.3.0",
"versionType": "custom"
},
{
"lessThan": "4.4.0.43",
"status": "affected",
"version": "4.4.0",
"versionType": "custom"
},
{
"lessThan": "4.5.0.26",
"status": "affected",
"version": "4.5.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Identity Server",
"vendor": "WSO2",
"versions": [
{
"lessThan": "5.10.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "5.10.0.373",
"status": "affected",
"version": "5.10.0",
"versionType": "custom"
},
{
"lessThan": "5.11.0.417",
"status": "affected",
"version": "5.11.0",
"versionType": "custom"
},
{
"lessThan": "7.1.0.29",
"status": "affected",
"version": "7.1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Open Banking IAM",
"vendor": "WSO2",
"versions": [
{
"lessThan": "2.0.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "2.0.0.413",
"status": "affected",
"version": "2.0.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Open Banking AM",
"vendor": "WSO2",
"versions": [
{
"lessThan": "2.0.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "2.0.0.393",
"status": "affected",
"version": "2.0.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Identity Server as Key Manager",
"vendor": "WSO2",
"versions": [
{
"lessThan": "5.10.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "5.10.0.363",
"status": "affected",
"version": "5.10.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"packageName": "org.wso2.carbon.mediation:org.wso2.carbon.localentry",
"product": "org.wso2.carbon.mediation:org.wso2.carbon.localentry",
"vendor": "WSO2",
"versions": [
{
"lessThan": "4.7.30.46",
"status": "affected",
"version": "4.7.30",
"versionType": "custom"
},
{
"lessThan": "4.7.61.61",
"status": "affected",
"version": "4.7.61",
"versionType": "custom"
},
{
"lessThan": "4.7.99.303",
"status": "affected",
"version": "4.7.99",
"versionType": "custom"
},
{
"lessThan": "4.7.131.21",
"status": "affected",
"version": "4.7.131",
"versionType": "custom"
},
{
"lessThan": "4.7.175.29",
"status": "affected",
"version": "4.7.175",
"versionType": "custom"
},
{
"lessThan": "4.7.188.11",
"status": "affected",
"version": "4.7.188",
"versionType": "custom"
},
{
"lessThan": "4.7.204.12",
"status": "affected",
"version": "4.7.204",
"versionType": "custom"
},
{
"lessThan": "4.7.221.6",
"status": "affected",
"version": "4.7.221",
"versionType": "custom"
},
{
"lessThan": "4.7.245.6",
"status": "affected",
"version": "4.7.245",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "4.7.259",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:wso2_enterprise_integrator:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.6.0.223",
"versionStartIncluding": "6.6.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:wso2_api_control_plane:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.5.0.27",
"versionStartIncluding": "4.5.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:wso2_universal_gateway:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.5.0.25",
"versionStartIncluding": "4.5.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:wso2_traffic_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.5.0.25",
"versionStartIncluding": "4.5.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.1.0.344",
"versionStartIncluding": "3.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.2.0.445",
"versionStartIncluding": "3.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.2.1.65",
"versionStartIncluding": "3.2.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.0.0.365",
"versionStartIncluding": "4.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.1.0.227",
"versionStartIncluding": "4.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.2.0.167",
"versionStartIncluding": "4.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.3.0.79",
"versionStartIncluding": "4.3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.4.0.43",
"versionStartIncluding": "4.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.5.0.26",
"versionStartIncluding": "4.5.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:wso2_identity_server:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.10.0.373",
"versionStartIncluding": "5.10.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_identity_server:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.11.0.417",
"versionStartIncluding": "5.11.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_identity_server:*:*:*:*:*:*:*:*",
"versionEndExcluding": "7.1.0.29",
"versionStartIncluding": "7.1.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:wso2_open_banking_iam:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.0.0.413",
"versionStartIncluding": "2.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:wso2_open_banking_am:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.0.0.393",
"versionStartIncluding": "2.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:wso2_identity_server_as_key_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.10.0.363",
"versionStartIncluding": "5.10.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.mediation_org.wso2.carbon.localentry:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.7.30.46",
"versionStartIncluding": "4.7.30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.mediation_org.wso2.carbon.localentry:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.7.61.61",
"versionStartIncluding": "4.7.61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.mediation_org.wso2.carbon.localentry:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.7.99.303",
"versionStartIncluding": "4.7.99",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.mediation_org.wso2.carbon.localentry:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.7.131.21",
"versionStartIncluding": "4.7.131",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.mediation_org.wso2.carbon.localentry:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.7.175.29",
"versionStartIncluding": "4.7.175",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.mediation_org.wso2.carbon.localentry:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.7.188.11",
"versionStartIncluding": "4.7.188",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.mediation_org.wso2.carbon.localentry:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.7.204.12",
"versionStartIncluding": "4.7.204",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.mediation_org.wso2.carbon.localentry:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.7.221.6",
"versionStartIncluding": "4.7.221",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.mediation_org.wso2.carbon.localentry:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.7.245.6",
"versionStartIncluding": "4.7.245",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.mediation_org.wso2.carbon.localentry:*:*:*:*:*:*:*:*",
"versionEndIncluding": "*",
"versionStartIncluding": "4.7.259",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "crnkovi\u0107"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An XML External Entity (XXE) vulnerability exists in multiple WSO2 products due to improper configuration of the XML parser. The application parses user-supplied XML without applying sufficient restrictions, allowing resolution of external entities.\u003cbr\u003e\u003cbr\u003eA successful attack could enable a remote, unauthenticated attacker to read sensitive files from the server\u0027s filesystem or perform denial-of-service (DoS) attacks that render affected services unavailable.\u003cbr\u003e"
}
],
"value": "An XML External Entity (XXE) vulnerability exists in multiple WSO2 products due to improper configuration of the XML parser. The application parses user-supplied XML without applying sufficient restrictions, allowing resolution of external entities.\n\nA successful attack could enable a remote, unauthenticated attacker to read sensitive files from the server\u0027s filesystem or perform denial-of-service (DoS) attacks that render affected services unavailable."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-611",
"description": "CWE-611 Improper Restriction of XML External Entity Reference",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-05T17:18:24.719Z",
"orgId": "ed10eef1-636d-4fbe-9993-6890dfa878f8",
"shortName": "WSO2"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-4505/"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: transparent;\"\u003eFollow the instructions given on \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-4505/#solution\"\u003e\u003cspan style=\"background-color: transparent;\"\u003ehttps://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-4505/#solution\u003c/span\u003e\u003c/a\u003e \u003cbr\u003e"
}
],
"value": "Follow the instructions given on https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-4505/#solution"
}
],
"source": {
"advisory": "WSO2-2025-4505",
"discovery": "EXTERNAL"
},
"title": "XML External Entity (XXE) Vulnerability in Multiple WSO2 Products Due to Improper XML Parser Configuration",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "ed10eef1-636d-4fbe-9993-6890dfa878f8",
"assignerShortName": "WSO2",
"cveId": "CVE-2025-10713",
"datePublished": "2025-11-05T17:18:24.719Z",
"dateReserved": "2025-09-19T06:15:37.907Z",
"dateUpdated": "2025-11-05T18:15:56.913Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-3125 (GCVE-0-2025-3125)
Vulnerability from cvelistv5 – Published: 2025-11-05 14:49 – Updated: 2025-11-05 18:59
VLAI?
Summary
An arbitrary file upload vulnerability exists in multiple WSO2 products due to improper input validation in the CarbonAppUploader admin service endpoint. An authenticated attacker with appropriate privileges can upload a malicious file to a user-controlled location on the server, potentially leading to remote code execution (RCE).
This functionality is restricted by default to admin users; therefore, successful exploitation requires valid credentials with administrative permissions.
Severity ?
6.7 (Medium)
CWE
- CWE-434 - Unrestricted Upload of File with Dangerous Type
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| WSO2 | WSO2 Identity Server |
Unknown:
0 , < 5.10.0
(custom)
Affected: 5.10.0 , < 5.10.0.360 (custom) Affected: 5.11.0 , < 5.11.0.399 (custom) Affected: 6.0.0 , < 6.0.0.235 (custom) Affected: 6.1.0 , < 6.1.0.230 (custom) Affected: 7.0.0 , < 7.0.0.101 (custom) Affected: 7.1.0 , < 7.1.0.32 (custom) |
||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||
Credits
Danh Nguyen (k4it0) from VIB Pentest Team
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-3125",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-05T18:58:52.925152Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-11-05T18:59:01.426Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "WSO2 Identity Server",
"vendor": "WSO2",
"versions": [
{
"lessThan": "5.10.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "5.10.0.360",
"status": "affected",
"version": "5.10.0",
"versionType": "custom"
},
{
"lessThan": "5.11.0.399",
"status": "affected",
"version": "5.11.0",
"versionType": "custom"
},
{
"lessThan": "6.0.0.235",
"status": "affected",
"version": "6.0.0",
"versionType": "custom"
},
{
"lessThan": "6.1.0.230",
"status": "affected",
"version": "6.1.0",
"versionType": "custom"
},
{
"lessThan": "7.0.0.101",
"status": "affected",
"version": "7.0.0",
"versionType": "custom"
},
{
"lessThan": "7.1.0.32",
"status": "affected",
"version": "7.1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Enterprise Integrator",
"vendor": "WSO2",
"versions": [
{
"lessThan": "6.6.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "6.6.0.217",
"status": "affected",
"version": "6.6.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Open Banking IAM",
"vendor": "WSO2",
"versions": [
{
"lessThan": "2.0.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "2.0.0.402",
"status": "affected",
"version": "2.0.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Identity Server as Key Manager",
"vendor": "WSO2",
"versions": [
{
"lessThan": "5.10.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "5.10.0.353",
"status": "affected",
"version": "5.10.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 API Manager",
"vendor": "WSO2",
"versions": [
{
"lessThan": "3.2.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "3.2.0.421",
"status": "affected",
"version": "3.2.0",
"versionType": "custom"
},
{
"lessThan": "3.2.1.41",
"status": "affected",
"version": "3.2.1",
"versionType": "custom"
},
{
"lessThan": "4.0.0.342",
"status": "affected",
"version": "4.0.0",
"versionType": "custom"
},
{
"lessThan": "4.1.0.203",
"status": "affected",
"version": "4.1.0",
"versionType": "custom"
},
{
"lessThan": "4.2.0.142",
"status": "affected",
"version": "4.2.0",
"versionType": "custom"
},
{
"lessThan": "4.3.0.55",
"status": "affected",
"version": "4.3.0",
"versionType": "custom"
},
{
"lessThan": "4.4.0.19",
"status": "affected",
"version": "4.4.0",
"versionType": "custom"
},
{
"lessThan": "4.5.0.2",
"status": "affected",
"version": "4.5.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 API Control Plane",
"vendor": "WSO2",
"versions": [
{
"lessThan": "4.5.0.2",
"status": "affected",
"version": "4.5.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Universal Gateway",
"vendor": "WSO2",
"versions": [
{
"lessThan": "4.5.0.2",
"status": "affected",
"version": "4.5.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Traffic Manager",
"vendor": "WSO2",
"versions": [
{
"lessThan": "4.5.0.2",
"status": "affected",
"version": "4.5.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"packageName": "org.wso2.carbon.commons:org.wso2.carbon.application.upload",
"product": "org.wso2.carbon.commons:org.wso2.carbon.application.upload",
"vendor": "WSO2",
"versions": [
{
"lessThan": "4.7.19.7",
"status": "affected",
"version": "4.7.19",
"versionType": "custom"
},
{
"lessThan": "4.7.32.5",
"status": "affected",
"version": "4.7.32",
"versionType": "custom"
},
{
"lessThan": "4.7.35.8",
"status": "affected",
"version": "4.7.35",
"versionType": "custom"
},
{
"lessThan": "4.7.39.1",
"status": "affected",
"version": "4.7.39",
"versionType": "custom"
},
{
"lessThan": "4.7.49.4",
"status": "affected",
"version": "4.7.49",
"versionType": "custom"
},
{
"lessThan": "4.7.52.1",
"status": "affected",
"version": "4.7.52",
"versionType": "custom"
},
{
"lessThan": "4.10.13.1",
"status": "affected",
"version": "4.10.13",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.9.*",
"status": "unaffected",
"version": "4.9.12",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "4.10.24",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:wso2_identity_server:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.10.0.360",
"versionStartIncluding": "5.10.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_identity_server:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.11.0.399",
"versionStartIncluding": "5.11.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_identity_server:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.0.0.235",
"versionStartIncluding": "6.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_identity_server:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.1.0.230",
"versionStartIncluding": "6.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_identity_server:*:*:*:*:*:*:*:*",
"versionEndExcluding": "7.0.0.101",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_identity_server:*:*:*:*:*:*:*:*",
"versionEndExcluding": "7.1.0.32",
"versionStartIncluding": "7.1.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:wso2_enterprise_integrator:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.6.0.217",
"versionStartIncluding": "6.6.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:wso2_open_banking_iam:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.0.0.402",
"versionStartIncluding": "2.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:wso2_identity_server_as_key_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.10.0.353",
"versionStartIncluding": "5.10.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.2.0.421",
"versionStartIncluding": "3.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.2.1.41",
"versionStartIncluding": "3.2.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.0.0.342",
"versionStartIncluding": "4.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.1.0.203",
"versionStartIncluding": "4.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.2.0.142",
"versionStartIncluding": "4.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.3.0.55",
"versionStartIncluding": "4.3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.4.0.19",
"versionStartIncluding": "4.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.5.0.2",
"versionStartIncluding": "4.5.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:wso2_api_control_plane:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.5.0.2",
"versionStartIncluding": "4.5.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:wso2_universal_gateway:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.5.0.2",
"versionStartIncluding": "4.5.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:wso2_traffic_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.5.0.2",
"versionStartIncluding": "4.5.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.commons_org.wso2.carbon.application.upload:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.7.19.7",
"versionStartIncluding": "4.7.19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.commons_org.wso2.carbon.application.upload:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.7.32.5",
"versionStartIncluding": "4.7.32",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.commons_org.wso2.carbon.application.upload:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.7.35.8",
"versionStartIncluding": "4.7.35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.commons_org.wso2.carbon.application.upload:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.7.39.1",
"versionStartIncluding": "4.7.39",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.commons_org.wso2.carbon.application.upload:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.7.49.4",
"versionStartIncluding": "4.7.49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.commons_org.wso2.carbon.application.upload:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.7.52.1",
"versionStartIncluding": "4.7.52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.commons_org.wso2.carbon.application.upload:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.10.13.1",
"versionStartIncluding": "4.10.13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.commons_org.wso2.carbon.application.upload:*:*:*:*:*:*:*:*",
"versionEndIncluding": "4.9.*",
"versionStartIncluding": "4.9.12",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.commons_org.wso2.carbon.application.upload:*:*:*:*:*:*:*:*",
"versionEndIncluding": "*",
"versionStartIncluding": "4.10.24",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Danh Nguyen (k4it0) from VIB Pentest Team"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An arbitrary file upload vulnerability exists in multiple WSO2 products due to improper input validation in the CarbonAppUploader admin service endpoint. An authenticated attacker with appropriate privileges can upload a malicious file to a user-controlled location on the server, potentially leading to remote code execution (RCE).\u003cbr\u003e\u003cbr\u003eThis functionality is restricted by default to admin users; therefore, successful exploitation requires valid credentials with administrative permissions.\u003cbr\u003e"
}
],
"value": "An arbitrary file upload vulnerability exists in multiple WSO2 products due to improper input validation in the CarbonAppUploader admin service endpoint. An authenticated attacker with appropriate privileges can upload a malicious file to a user-controlled location on the server, potentially leading to remote code execution (RCE).\n\nThis functionality is restricted by default to admin users; therefore, successful exploitation requires valid credentials with administrative permissions."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-434",
"description": "CWE-434 Unrestricted Upload of File with Dangerous Type",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-05T14:50:04.961Z",
"orgId": "ed10eef1-636d-4fbe-9993-6890dfa878f8",
"shortName": "WSO2"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-3961/"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: transparent;\"\u003eFollow the instructions given on \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-3961/#solution\"\u003e\u003cspan style=\"background-color: transparent;\"\u003ehttps://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-3961/#solution\u003c/span\u003e\u003c/a\u003e \u003cbr\u003e"
}
],
"value": "Follow the instructions given on https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-3961/#solution https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-3961/#solution"
}
],
"source": {
"advisory": "WSO2-2025-3961",
"discovery": "EXTERNAL"
},
"title": "Authenticated Arbitrary File Upload in Multiple WSO2 Products via CarbonAppUploader Admin Service Leading to Remote Code Execution",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "ed10eef1-636d-4fbe-9993-6890dfa878f8",
"assignerShortName": "WSO2",
"cveId": "CVE-2025-3125",
"datePublished": "2025-11-05T14:49:44.597Z",
"dateReserved": "2025-04-02T15:12:12.137Z",
"dateUpdated": "2025-11-05T18:59:01.426Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-5605 (GCVE-0-2025-5605)
Vulnerability from cvelistv5 – Published: 2025-10-24 10:09 – Updated: 2025-10-24 11:44
VLAI?
Summary
An authentication bypass vulnerability exists in the Management Console of multiple WSO2 products. A malicious actor with access to the console can manipulate the request URI to bypass authentication and access certain restricted resources, resulting in partial information disclosure.
The known exposure from this issue is limited to memory statistics. While the vulnerability does not allow full account compromise, it still enables unauthorized access to internal system details.
Severity ?
4.3 (Medium)
CWE
- CWE-290 - Authentication Bypass by Spoofing
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| WSO2 | WSO2 Identity Server |
Unknown:
0 , < 5.10.0
(custom)
Affected: 5.10.0 , < 5.10.0.361 (custom) Affected: 5.11.0 , < 5.11.0.414 (custom) Affected: 6.0.0 , < 6.0.0.245 (custom) Affected: 6.1.0 , < 6.1.0.244 (custom) Affected: 7.0.0 , < 7.0.0.119 (custom) Affected: 7.1.0 , < 7.1.0.25 (custom) |
|||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||
Credits
Noël Maccary
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-5605",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-24T11:44:00.454638Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-290",
"description": "CWE-290 Authentication Bypass by Spoofing",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-24T11:44:58.987Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "WSO2 Identity Server",
"vendor": "WSO2",
"versions": [
{
"lessThan": "5.10.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "5.10.0.361",
"status": "affected",
"version": "5.10.0",
"versionType": "custom"
},
{
"lessThan": "5.11.0.414",
"status": "affected",
"version": "5.11.0",
"versionType": "custom"
},
{
"lessThan": "6.0.0.245",
"status": "affected",
"version": "6.0.0",
"versionType": "custom"
},
{
"lessThan": "6.1.0.244",
"status": "affected",
"version": "6.1.0",
"versionType": "custom"
},
{
"lessThan": "7.0.0.119",
"status": "affected",
"version": "7.0.0",
"versionType": "custom"
},
{
"lessThan": "7.1.0.25",
"status": "affected",
"version": "7.1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Enterprise Integrator",
"vendor": "WSO2",
"versions": [
{
"lessThan": "6.6.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "6.6.0.217",
"status": "affected",
"version": "6.6.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Universal Gateway",
"vendor": "WSO2",
"versions": [
{
"lessThan": "4.5.0.10",
"status": "affected",
"version": "4.5.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Traffic Manager",
"vendor": "WSO2",
"versions": [
{
"lessThan": "4.5.0.10",
"status": "affected",
"version": "4.5.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 API Manager",
"vendor": "WSO2",
"versions": [
{
"lessThan": "3.1.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "3.1.0.334",
"status": "affected",
"version": "3.1.0",
"versionType": "custom"
},
{
"lessThan": "3.2.0.430",
"status": "affected",
"version": "3.2.0",
"versionType": "custom"
},
{
"lessThan": "3.2.1.48",
"status": "affected",
"version": "3.2.1",
"versionType": "custom"
},
{
"lessThan": "4.0.0.346",
"status": "affected",
"version": "4.0.0",
"versionType": "custom"
},
{
"lessThan": "4.1.0.210",
"status": "affected",
"version": "4.1.0",
"versionType": "custom"
},
{
"lessThan": "4.2.0.148",
"status": "affected",
"version": "4.2.0",
"versionType": "custom"
},
{
"lessThan": "4.3.0.61",
"status": "affected",
"version": "4.3.0",
"versionType": "custom"
},
{
"lessThan": "4.4.0.24",
"status": "affected",
"version": "4.4.0",
"versionType": "custom"
},
{
"lessThan": "4.5.0.10",
"status": "affected",
"version": "4.5.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 API Control Plane",
"vendor": "WSO2",
"versions": [
{
"lessThan": "4.5.0.11",
"status": "affected",
"version": "4.5.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Identity Server as Key Manager",
"vendor": "WSO2",
"versions": [
{
"lessThan": "5.10.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "5.10.0.354",
"status": "affected",
"version": "5.10.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Open Banking AM",
"vendor": "WSO2",
"versions": [
{
"lessThan": "2.0.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "2.0.0.382",
"status": "affected",
"version": "2.0.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Open Banking IAM",
"vendor": "WSO2",
"versions": [
{
"lessThan": "2.0.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "2.0.0.403",
"status": "affected",
"version": "2.0.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"packageName": "org.wso2.carbon:org.wso2.carbon.ui",
"product": "org.wso2.carbon:org.wso2.carbon.ui",
"vendor": "WSO2",
"versions": [
{
"lessThan": "4.5.3.40",
"status": "affected",
"version": "4.5.3",
"versionType": "custom"
},
{
"lessThan": "4.6.0.1224",
"status": "affected",
"version": "4.6.0",
"versionType": "custom"
},
{
"lessThan": "4.6.1.150",
"status": "affected",
"version": "4.6.1",
"versionType": "custom"
},
{
"lessThan": "4.6.2.664",
"status": "affected",
"version": "4.6.2",
"versionType": "custom"
},
{
"lessThan": "4.6.3.32",
"status": "affected",
"version": "4.6.3",
"versionType": "custom"
},
{
"lessThan": "4.6.4.8",
"status": "affected",
"version": "4.6.4",
"versionType": "custom"
},
{
"lessThan": "4.7.1.69",
"status": "affected",
"version": "4.7.1",
"versionType": "custom"
},
{
"lessThan": "4.8.1.33",
"status": "affected",
"version": "4.8.1",
"versionType": "custom"
},
{
"lessThan": "4.9.0.100",
"status": "affected",
"version": "4.9.0",
"versionType": "custom"
},
{
"lessThan": "4.9.26.20",
"status": "affected",
"version": "4.9.26",
"versionType": "custom"
},
{
"lessThan": "4.9.27.4",
"status": "affected",
"version": "4.9.27",
"versionType": "custom"
},
{
"lessThan": "4.9.28.4",
"status": "affected",
"version": "4.9.28",
"versionType": "custom"
},
{
"lessThan": "4.10.9.68",
"status": "affected",
"version": "4.10.9",
"versionType": "custom"
},
{
"lessThan": "4.10.42.10",
"status": "affected",
"version": "4.10.42",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.9.*",
"status": "unaffected",
"version": "4.9.29",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "4.10.90",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:wso2_identity_server:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.10.0.361",
"versionStartIncluding": "5.10.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_identity_server:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.11.0.414",
"versionStartIncluding": "5.11.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_identity_server:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.0.0.245",
"versionStartIncluding": "6.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_identity_server:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.1.0.244",
"versionStartIncluding": "6.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_identity_server:*:*:*:*:*:*:*:*",
"versionEndExcluding": "7.0.0.119",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_identity_server:*:*:*:*:*:*:*:*",
"versionEndExcluding": "7.1.0.25",
"versionStartIncluding": "7.1.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:wso2_enterprise_integrator:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.6.0.217",
"versionStartIncluding": "6.6.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:wso2_universal_gateway:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.5.0.10",
"versionStartIncluding": "4.5.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:wso2_traffic_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.5.0.10",
"versionStartIncluding": "4.5.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.1.0.334",
"versionStartIncluding": "3.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.2.0.430",
"versionStartIncluding": "3.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.2.1.48",
"versionStartIncluding": "3.2.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.0.0.346",
"versionStartIncluding": "4.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.1.0.210",
"versionStartIncluding": "4.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.2.0.148",
"versionStartIncluding": "4.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.3.0.61",
"versionStartIncluding": "4.3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.4.0.24",
"versionStartIncluding": "4.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.5.0.10",
"versionStartIncluding": "4.5.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:wso2_api_control_plane:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.5.0.11",
"versionStartIncluding": "4.5.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:wso2_identity_server_as_key_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.10.0.354",
"versionStartIncluding": "5.10.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:wso2_open_banking_am:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.0.0.382",
"versionStartIncluding": "2.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:wso2_open_banking_iam:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.0.0.403",
"versionStartIncluding": "2.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.ui:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.5.3.40",
"versionStartIncluding": "4.5.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.ui:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.6.0.1224",
"versionStartIncluding": "4.6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.ui:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.6.1.150",
"versionStartIncluding": "4.6.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.ui:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.6.2.664",
"versionStartIncluding": "4.6.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.ui:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.6.3.32",
"versionStartIncluding": "4.6.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.ui:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.6.4.8",
"versionStartIncluding": "4.6.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.ui:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.7.1.69",
"versionStartIncluding": "4.7.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.ui:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.8.1.33",
"versionStartIncluding": "4.8.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.ui:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.9.0.100",
"versionStartIncluding": "4.9.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.ui:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.9.26.20",
"versionStartIncluding": "4.9.26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.ui:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.9.27.4",
"versionStartIncluding": "4.9.27",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.ui:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.9.28.4",
"versionStartIncluding": "4.9.28",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.ui:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.10.9.68",
"versionStartIncluding": "4.10.9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.ui:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.10.42.10",
"versionStartIncluding": "4.10.42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.ui:*:*:*:*:*:*:*:*",
"versionEndIncluding": "4.9.*",
"versionStartIncluding": "4.9.29",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.ui:*:*:*:*:*:*:*:*",
"versionEndIncluding": "*",
"versionStartIncluding": "4.10.90",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "No\u00ebl Maccary"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An authentication bypass vulnerability exists in the Management Console of multiple WSO2 products. A malicious actor with access to the console can manipulate the request URI to bypass authentication and access certain restricted resources, resulting in partial information disclosure.\u003cbr\u003e\u003cbr\u003eThe known exposure from this issue is limited to memory statistics. While the vulnerability does not allow full account compromise, it still enables unauthorized access to internal system details.\u003cbr\u003e"
}
],
"value": "An authentication bypass vulnerability exists in the Management Console of multiple WSO2 products. A malicious actor with access to the console can manipulate the request URI to bypass authentication and access certain restricted resources, resulting in partial information disclosure.\n\nThe known exposure from this issue is limited to memory statistics. While the vulnerability does not allow full account compromise, it still enables unauthorized access to internal system details."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-24T10:17:47.415Z",
"orgId": "ed10eef1-636d-4fbe-9993-6890dfa878f8",
"shortName": "WSO2"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-4115/"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: transparent;\"\u003eFollow the instructions given on \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-4115/#solution\"\u003e\u003cspan style=\"background-color: transparent;\"\u003ehttps://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-4115/#solution\u003c/span\u003e\u003c/a\u003e \u003cbr\u003e"
}
],
"value": "Follow the instructions given on https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-4115/#solution https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-4115/#solution"
}
],
"source": {
"advisory": "WSO2-2025-4115",
"discovery": "EXTERNAL"
},
"title": "Authentication Bypass via URI Manipulation in Multiple WSO2 Products\u0027 Management Console Leading to Partial Information Disclosure",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "ed10eef1-636d-4fbe-9993-6890dfa878f8",
"assignerShortName": "WSO2",
"cveId": "CVE-2025-5605",
"datePublished": "2025-10-24T10:09:59.591Z",
"dateReserved": "2025-06-04T10:51:11.459Z",
"dateUpdated": "2025-10-24T11:44:58.987Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-5350 (GCVE-0-2025-5350)
Vulnerability from cvelistv5 – Published: 2025-10-24 10:08 – Updated: 2025-10-24 12:16
VLAI?
Summary
SSRF and Reflected XSS Vulnerabilities exist in multiple WSO2 products within the deprecated Try-It feature, which was accessible only to administrative users. This feature accepted user-supplied URLs without proper validation, leading to server-side request forgery (SSRF). Additionally, the retrieved content was directly reflected in the HTTP response, enabling reflected cross-site scripting (XSS) in the admin user's browser context.
By tricking an administrator into accessing a crafted link, an attacker could force the server to fetch malicious content and reflect it into the admin’s browser, leading to arbitrary JavaScript execution for UI manipulation or data exfiltration. While session cookies are protected with the HttpOnly flag, the XSS still poses a significant security risk.
Furthermore, SSRF can be used by a privileged user to query internal services, potentially aiding in internal network enumeration if the target endpoints are reachable from the affected product.
Severity ?
5.9 (Medium)
CWE
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| WSO2 | WSO2 Identity Server |
Unknown:
0 , < 5.10.0
(custom)
Affected: 5.10.0 , < 5.10.0.359 (custom) Affected: 5.11.0 , < 5.11.0.415 (custom) Affected: 6.0.0 , < 6.0.0.246 (custom) Affected: 6.1.0 , < 6.1.0.245 (custom) Affected: 7.0.0 , < 7.0.0.120 (custom) Affected: 7.1.0 , < 7.1.0.27 (custom) |
|||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||
Credits
Noël MACCARY
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-5350",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-24T12:16:39.906160Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-24T12:16:49.892Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "WSO2 Identity Server",
"vendor": "WSO2",
"versions": [
{
"lessThan": "5.10.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "5.10.0.359",
"status": "affected",
"version": "5.10.0",
"versionType": "custom"
},
{
"lessThan": "5.11.0.415",
"status": "affected",
"version": "5.11.0",
"versionType": "custom"
},
{
"lessThan": "6.0.0.246",
"status": "affected",
"version": "6.0.0",
"versionType": "custom"
},
{
"lessThan": "6.1.0.245",
"status": "affected",
"version": "6.1.0",
"versionType": "custom"
},
{
"lessThan": "7.0.0.120",
"status": "affected",
"version": "7.0.0",
"versionType": "custom"
},
{
"lessThan": "7.1.0.27",
"status": "affected",
"version": "7.1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Enterprise Integrator",
"vendor": "WSO2",
"versions": [
{
"lessThan": "6.6.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "6.6.0.218",
"status": "affected",
"version": "6.6.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 API Manager",
"vendor": "WSO2",
"versions": [
{
"lessThan": "3.1.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "3.1.0.332",
"status": "affected",
"version": "3.1.0",
"versionType": "custom"
},
{
"lessThan": "3.2.0.428",
"status": "affected",
"version": "3.2.0",
"versionType": "custom"
},
{
"lessThan": "3.2.1.47",
"status": "affected",
"version": "3.2.1",
"versionType": "custom"
},
{
"lessThan": "4.0.0.369",
"status": "affected",
"version": "4.0.0",
"versionType": "custom"
},
{
"lessThan": "4.1.0.209",
"status": "affected",
"version": "4.1.0",
"versionType": "custom"
},
{
"lessThan": "4.2.0.147",
"status": "affected",
"version": "4.2.0",
"versionType": "custom"
},
{
"lessThan": "4.3.0.60",
"status": "affected",
"version": "4.3.0",
"versionType": "custom"
},
{
"lessThan": "4.4.0.23",
"status": "affected",
"version": "4.4.0",
"versionType": "custom"
},
{
"lessThan": "4.5.0.7",
"status": "affected",
"version": "4.5.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Universal Gateway",
"vendor": "WSO2",
"versions": [
{
"lessThan": "4.5.0.7",
"status": "affected",
"version": "4.5.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Traffic Manager",
"vendor": "WSO2",
"versions": [
{
"lessThan": "4.5.0.7",
"status": "affected",
"version": "4.5.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 API Control Plane",
"vendor": "WSO2",
"versions": [
{
"lessThan": "4.5.0.7",
"status": "affected",
"version": "4.5.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Open Banking AM",
"vendor": "WSO2",
"versions": [
{
"lessThan": "2.0.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "2.0.0.380",
"status": "affected",
"version": "2.0.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Open Banking IAM",
"vendor": "WSO2",
"versions": [
{
"lessThan": "2.0.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "2.0.0.401",
"status": "affected",
"version": "2.0.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Identity Server as Key Manager",
"vendor": "WSO2",
"versions": [
{
"lessThan": "5.10.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "5.10.0.352",
"status": "affected",
"version": "5.10.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"packageName": "org.wso2.carbon:org.wso2.carbon.ui",
"product": "org.wso2.carbon:org.wso2.carbon.ui",
"vendor": "WSO2",
"versions": [
{
"lessThan": "4.5.3.41",
"status": "affected",
"version": "4.5.3",
"versionType": "custom"
},
{
"lessThan": "4.6.0.1087",
"status": "affected",
"version": "4.6.0",
"versionType": "custom"
},
{
"lessThan": "4.6.1.151",
"status": "affected",
"version": "4.6.1",
"versionType": "custom"
},
{
"lessThan": "4.6.2.672",
"status": "affected",
"version": "4.6.2",
"versionType": "custom"
},
{
"lessThan": "4.6.3.30",
"status": "affected",
"version": "4.6.3",
"versionType": "custom"
},
{
"lessThan": "4.6.4.7",
"status": "affected",
"version": "4.6.4",
"versionType": "custom"
},
{
"lessThan": "4.7.1.70",
"status": "affected",
"version": "4.7.1",
"versionType": "custom"
},
{
"lessThan": "4.8.1.32",
"status": "affected",
"version": "4.8.1",
"versionType": "custom"
},
{
"lessThan": "4.9.0.101",
"status": "affected",
"version": "4.9.0",
"versionType": "custom"
},
{
"lessThan": "4.9.26.19",
"status": "affected",
"version": "4.9.26",
"versionType": "custom"
},
{
"lessThan": "4.9.27.3",
"status": "affected",
"version": "4.9.27",
"versionType": "custom"
},
{
"lessThan": "4.9.28.1",
"status": "affected",
"version": "4.9.28",
"versionType": "custom"
},
{
"lessThan": "4.10.9.69",
"status": "affected",
"version": "4.10.9",
"versionType": "custom"
},
{
"lessThan": "4.10.42.11",
"status": "affected",
"version": "4.10.42",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.9.*",
"status": "unaffected",
"version": "4.9.29",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "4.10.93",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "No\u00ebl MACCARY"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "SSRF and Reflected XSS Vulnerabilities exist in multiple WSO2 products within the deprecated Try-It feature, which was accessible only to administrative users. This feature accepted user-supplied URLs without proper validation, leading to server-side request forgery (SSRF). Additionally, the retrieved content was directly reflected in the HTTP response, enabling reflected cross-site scripting (XSS) in the admin user\u0027s browser context.\u003cbr\u003e\u003cbr\u003eBy tricking an administrator into accessing a crafted link, an attacker could force the server to fetch malicious content and reflect it into the admin\u2019s browser, leading to arbitrary JavaScript execution for UI manipulation or data exfiltration. While session cookies are protected with the HttpOnly flag, the XSS still poses a significant security risk.\u003cbr\u003e\u003cbr\u003eFurthermore, SSRF can be used by a privileged user to query internal services, potentially aiding in internal network enumeration if the target endpoints are reachable from the affected product.\u003cbr\u003e"
}
],
"value": "SSRF and Reflected XSS Vulnerabilities exist in multiple WSO2 products within the deprecated Try-It feature, which was accessible only to administrative users. This feature accepted user-supplied URLs without proper validation, leading to server-side request forgery (SSRF). Additionally, the retrieved content was directly reflected in the HTTP response, enabling reflected cross-site scripting (XSS) in the admin user\u0027s browser context.\n\nBy tricking an administrator into accessing a crafted link, an attacker could force the server to fetch malicious content and reflect it into the admin\u2019s browser, leading to arbitrary JavaScript execution for UI manipulation or data exfiltration. While session cookies are protected with the HttpOnly flag, the XSS still poses a significant security risk.\n\nFurthermore, SSRF can be used by a privileged user to query internal services, potentially aiding in internal network enumeration if the target endpoints are reachable from the affected product."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-918",
"description": "CWE-918 Server-Side Request Forgery (SSRF)",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or \u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-24T10:15:53.793Z",
"orgId": "ed10eef1-636d-4fbe-9993-6890dfa878f8",
"shortName": "WSO2"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-4124/"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: transparent;\"\u003eFollow the instructions given on \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-4124/#solution\"\u003e\u003cspan style=\"background-color: transparent;\"\u003ehttps://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-4124/#solution\u003c/span\u003e\u003c/a\u003e \u003cbr\u003e"
}
],
"value": "Follow the instructions given on https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-4124/#solution https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-4124/#solution"
}
],
"source": {
"advisory": "WSO2-2025-4124",
"discovery": "EXTERNAL"
},
"title": "SSRF and Reflected XSS Vulnerability in Deprecated Try-It Feature of Multiple WSO2 Products",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "ed10eef1-636d-4fbe-9993-6890dfa878f8",
"assignerShortName": "WSO2",
"cveId": "CVE-2025-5350",
"datePublished": "2025-10-24T10:08:07.719Z",
"dateReserved": "2025-05-30T06:56:02.711Z",
"dateUpdated": "2025-10-24T12:16:49.892Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-9152 (GCVE-0-2025-9152)
Vulnerability from cvelistv5 – Published: 2025-10-16 12:37 – Updated: 2025-10-17 16:00
VLAI?
Summary
An improper privilege management vulnerability exists in WSO2 API Manager due to missing authentication and authorization checks in the keymanager-operations Dynamic Client Registration (DCR) endpoint.
A malicious user can exploit this flaw to generate access tokens with elevated privileges, potentially leading to administrative access and the ability to perform unauthorized operations.
Severity ?
9.8 (Critical)
CWE
- CWE-306 - Missing Authentication for Critical Function
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| WSO2 | WSO2 API Manager |
Unknown:
0 , < 3.2.0
(custom)
Affected: 3.2.0 , < 3.2.0.437 (custom) Affected: 3.2.1 , < 3.2.1.57 (custom) Affected: 4.0.0 , < 4.0.0.357 (custom) Affected: 4.1.0 , < 4.1.0.221 (custom) Affected: 4.2.0 , < 4.2.0.159 (custom) Affected: 4.3.0 , < 4.3.0.72 (custom) Affected: 4.4.0 , < 4.4.0.35 (custom) Affected: 4.5.0 , < 4.5.0.19 (custom) |
|||||||
|
|||||||||
Credits
crnković
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-9152",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-16T12:59:14.709557Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-306",
"description": "CWE-306 Missing Authentication for Critical Function",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-17T16:00:41.854Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "WSO2 API Manager",
"vendor": "WSO2",
"versions": [
{
"lessThan": "3.2.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "3.2.0.437",
"status": "affected",
"version": "3.2.0",
"versionType": "custom"
},
{
"lessThan": "3.2.1.57",
"status": "affected",
"version": "3.2.1",
"versionType": "custom"
},
{
"lessThan": "4.0.0.357",
"status": "affected",
"version": "4.0.0",
"versionType": "custom"
},
{
"lessThan": "4.1.0.221",
"status": "affected",
"version": "4.1.0",
"versionType": "custom"
},
{
"lessThan": "4.2.0.159",
"status": "affected",
"version": "4.2.0",
"versionType": "custom"
},
{
"lessThan": "4.3.0.72",
"status": "affected",
"version": "4.3.0",
"versionType": "custom"
},
{
"lessThan": "4.4.0.35",
"status": "affected",
"version": "4.4.0",
"versionType": "custom"
},
{
"lessThan": "4.5.0.19",
"status": "affected",
"version": "4.5.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 API Control Plane",
"vendor": "WSO2",
"versions": [
{
"lessThan": "4.5.0.20",
"status": "affected",
"version": "4.5.0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "crnkovi\u0107"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An improper privilege management vulnerability exists in WSO2 API Manager due to missing authentication and authorization checks in the keymanager-operations Dynamic Client Registration (DCR) endpoint.\u003cbr\u003e\u003cbr\u003eA malicious user can exploit this flaw to generate access tokens with elevated privileges, potentially leading to administrative access and the ability to perform unauthorized operations.\u003cbr\u003e"
}
],
"value": "An improper privilege management vulnerability exists in WSO2 API Manager due to missing authentication and authorization checks in the keymanager-operations Dynamic Client Registration (DCR) endpoint.\n\nA malicious user can exploit this flaw to generate access tokens with elevated privileges, potentially leading to administrative access and the ability to perform unauthorized operations."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-16T12:37:00.966Z",
"orgId": "ed10eef1-636d-4fbe-9993-6890dfa878f8",
"shortName": "WSO2"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-4483/"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: transparent;\"\u003eFollow the instructions given on \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-4483/#solution\"\u003e\u003cspan style=\"background-color: transparent;\"\u003ehttps://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-4483/#solution\u003c/span\u003e\u003c/a\u003e \u003cbr\u003e"
}
],
"value": "Follow the instructions given on https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-4483/#solution https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-4483/#solution"
}
],
"source": {
"advisory": "WSO2-2025-4483",
"discovery": "EXTERNAL"
},
"title": "Improper Privilege Management in Multiple WSO2 API Manager via keymanager-operations DCR Endpoint",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "ed10eef1-636d-4fbe-9993-6890dfa878f8",
"assignerShortName": "WSO2",
"cveId": "CVE-2025-9152",
"datePublished": "2025-10-16T12:37:00.966Z",
"dateReserved": "2025-08-19T08:48:03.616Z",
"dateUpdated": "2025-10-17T16:00:41.854Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-9804 (GCVE-0-2025-9804)
Vulnerability from cvelistv5 – Published: 2025-10-16 12:33 – Updated: 2025-10-17 16:01
VLAI?
Summary
An improper access control vulnerability exists in multiple WSO2 products due to insufficient permission enforcement in certain internal SOAP Admin Services and System REST APIs. A low-privileged user may exploit this flaw to perform unauthorized operations, including accessing server-level information.
This vulnerability affects only internal administrative interfaces. APIs exposed through the WSO2 API Manager's API Gateway remain unaffected.
Severity ?
9.6 (Critical)
8.9 (High)
CWE
- CWE-284 - Improper Access Control
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| WSO2 | WSO2 Identity Server as Key Manager |
Unknown:
0 , < 5.3.0
(custom)
Affected: 5.3.0 , < 5.3.0.41 (custom) Affected: 5.5.0 , < 5.5.0.53 (custom) Affected: 5.6.0 , < 5.6.0.75 (custom) Affected: 5.7.0 , < 5.7.0.125 (custom) Affected: 5.9.0 , < 5.9.0.176 (custom) Affected: 5.10.0 , < 5.10.0.359 (custom) |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Credits
crnković
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-9804",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-16T13:20:20.582589Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "CWE-284 Improper Access Control",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-17T16:01:25.350Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "WSO2 Identity Server as Key Manager",
"vendor": "WSO2",
"versions": [
{
"lessThan": "5.3.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "5.3.0.41",
"status": "affected",
"version": "5.3.0",
"versionType": "custom"
},
{
"lessThan": "5.5.0.53",
"status": "affected",
"version": "5.5.0",
"versionType": "custom"
},
{
"lessThan": "5.6.0.75",
"status": "affected",
"version": "5.6.0",
"versionType": "custom"
},
{
"lessThan": "5.7.0.125",
"status": "affected",
"version": "5.7.0",
"versionType": "custom"
},
{
"lessThan": "5.9.0.176",
"status": "affected",
"version": "5.9.0",
"versionType": "custom"
},
{
"lessThan": "5.10.0.359",
"status": "affected",
"version": "5.10.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Identity Server",
"vendor": "WSO2",
"versions": [
{
"lessThan": "5.2.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "5.2.0.34",
"status": "affected",
"version": "5.2.0",
"versionType": "custom"
},
{
"lessThan": "5.3.0.36",
"status": "affected",
"version": "5.3.0",
"versionType": "custom"
},
{
"lessThan": "5.4.0.34",
"status": "affected",
"version": "5.4.0",
"versionType": "custom"
},
{
"lessThan": "5.4.1.38",
"status": "affected",
"version": "5.4.1",
"versionType": "custom"
},
{
"lessThan": "5.5.0.52",
"status": "affected",
"version": "5.5.0",
"versionType": "custom"
},
{
"lessThan": "5.6.0.60",
"status": "affected",
"version": "5.6.0",
"versionType": "custom"
},
{
"lessThan": "5.7.0.126",
"status": "affected",
"version": "5.7.0",
"versionType": "custom"
},
{
"lessThan": "5.8.0.110",
"status": "affected",
"version": "5.8.0",
"versionType": "custom"
},
{
"lessThan": "5.9.0.169",
"status": "affected",
"version": "5.9.0",
"versionType": "custom"
},
{
"lessThan": "5.10.0.369",
"status": "affected",
"version": "5.10.0",
"versionType": "custom"
},
{
"lessThan": "5.11.0.413",
"status": "affected",
"version": "5.11.0",
"versionType": "custom"
},
{
"lessThan": "6.0.0.244",
"status": "affected",
"version": "6.0.0",
"versionType": "custom"
},
{
"lessThan": "6.1.0.243",
"status": "affected",
"version": "6.1.0",
"versionType": "custom"
},
{
"lessThan": "7.0.0.118",
"status": "affected",
"version": "7.0.0",
"versionType": "custom"
},
{
"lessThan": "7.1.0.25",
"status": "affected",
"version": "7.1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Open Banking KM",
"vendor": "WSO2",
"versions": [
{
"lessThan": "1.4.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "1.4.0.133",
"status": "affected",
"version": "1.4.0",
"versionType": "custom"
},
{
"lessThan": "1.5.0.123",
"status": "affected",
"version": "1.5.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Open Banking IAM",
"vendor": "WSO2",
"versions": [
{
"lessThan": "2.0.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "2.0.0.409",
"status": "affected",
"version": "2.0.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Open Banking AM",
"vendor": "WSO2",
"versions": [
{
"lessThan": "1.4.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "1.4.0.139",
"status": "affected",
"version": "1.4.0",
"versionType": "custom"
},
{
"lessThan": "1.5.0.140",
"status": "affected",
"version": "1.5.0",
"versionType": "custom"
},
{
"lessThan": "2.0.0.389",
"status": "affected",
"version": "2.0.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 API Manager",
"vendor": "WSO2",
"versions": [
{
"lessThan": "2.0.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "2.0.0.31",
"status": "affected",
"version": "2.0.0",
"versionType": "custom"
},
{
"lessThan": "2.1.0.40",
"status": "affected",
"version": "2.1.0",
"versionType": "custom"
},
{
"lessThan": "2.2.0.59",
"status": "affected",
"version": "2.2.0",
"versionType": "custom"
},
{
"lessThan": "2.5.0.85",
"status": "affected",
"version": "2.5.0",
"versionType": "custom"
},
{
"lessThan": "2.6.0.146",
"status": "affected",
"version": "2.6.0",
"versionType": "custom"
},
{
"lessThan": "3.0.0.176",
"status": "affected",
"version": "3.0.0",
"versionType": "custom"
},
{
"lessThan": "3.1.0.340",
"status": "affected",
"version": "3.1.0",
"versionType": "custom"
},
{
"lessThan": "3.2.0.441",
"status": "affected",
"version": "3.2.0",
"versionType": "custom"
},
{
"lessThan": "3.2.1.61",
"status": "affected",
"version": "3.2.1",
"versionType": "custom"
},
{
"lessThan": "4.0.0.361",
"status": "affected",
"version": "4.0.0",
"versionType": "custom"
},
{
"lessThan": "4.1.0.224",
"status": "affected",
"version": "4.1.0",
"versionType": "custom"
},
{
"lessThan": "4.2.0.162",
"status": "affected",
"version": "4.2.0",
"versionType": "custom"
},
{
"lessThan": "4.3.0.75",
"status": "affected",
"version": "4.3.0",
"versionType": "custom"
},
{
"lessThan": "4.4.0.39",
"status": "affected",
"version": "4.4.0",
"versionType": "custom"
},
{
"lessThan": "4.5.0.23",
"status": "affected",
"version": "4.5.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Identity Server Analytics",
"vendor": "WSO2",
"versions": [
{
"lessThan": "5.2.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "5.2.0.19",
"status": "affected",
"version": "5.2.0",
"versionType": "custom"
},
{
"lessThan": "5.3.0.17",
"status": "affected",
"version": "5.3.0",
"versionType": "custom"
},
{
"lessThan": "5.5.0.31",
"status": "affected",
"version": "5.5.0",
"versionType": "custom"
},
{
"lessThan": "5.6.0.38",
"status": "affected",
"version": "5.6.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "API Manager Analytics",
"vendor": "WSO2",
"versions": [
{
"lessThan": "2.0.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "2.0.0.14",
"status": "affected",
"version": "2.0.0",
"versionType": "custom"
},
{
"lessThan": "2.1.0.19",
"status": "affected",
"version": "2.1.0",
"versionType": "custom"
},
{
"lessThan": "2.2.0.30",
"status": "affected",
"version": "2.2.0",
"versionType": "custom"
},
{
"lessThan": "2.5.0.39",
"status": "affected",
"version": "2.5.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Enterprise Integrator",
"vendor": "WSO2",
"versions": [
{
"lessThan": "6.2.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "6.2.0.62",
"status": "affected",
"version": "6.2.0",
"versionType": "custom"
},
{
"lessThan": "6.3.0.70",
"status": "affected",
"version": "6.3.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Enterprise Service Bus Analytics",
"vendor": "WSO2",
"versions": [
{
"lessThan": "5.0.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "5.0.0.13",
"status": "affected",
"version": "5.0.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Data Analytics Server",
"vendor": "WSO2",
"versions": [
{
"lessThan": "3.1.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "3.1.0.20",
"status": "affected",
"version": "3.1.0",
"versionType": "custom"
},
{
"lessThan": "3.2.0.33",
"status": "affected",
"version": "3.2.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Enterprise Mobility Manager",
"vendor": "WSO2",
"versions": [
{
"lessThan": "2.2.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "2.2.0.28",
"status": "affected",
"version": "2.2.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Universal Gateway",
"vendor": "WSO2",
"versions": [
{
"lessThan": "4.5.0.22",
"status": "affected",
"version": "4.5.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 API Control Plane",
"vendor": "WSO2",
"versions": [
{
"lessThan": "4.5.0.24",
"status": "affected",
"version": "4.5.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Traffic Manager",
"vendor": "WSO2",
"versions": [
{
"lessThan": "4.5.0.22",
"status": "affected",
"version": "4.5.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"packageName": "org.wso2.carbon.extension.identity.authenticator.outbound.totp:org.wso2.carbon.extension.identity.authenticator.totp.connector",
"product": "org.wso2.carbon.extension.identity.authenticator.outbound.totp:org.wso2.carbon.extension.identity.authenticator.totp.connector",
"vendor": "WSO2",
"versions": [
{
"lessThan": "2.0.10.1",
"status": "affected",
"version": "2.0.10",
"versionType": "custom"
},
{
"lessThan": "2.0.15.1",
"status": "affected",
"version": "2.0.15",
"versionType": "custom"
},
{
"lessThan": "2.0.21.1",
"status": "affected",
"version": "2.0.21",
"versionType": "custom"
},
{
"lessThan": "2.0.22.1",
"status": "affected",
"version": "2.0.22",
"versionType": "custom"
},
{
"lessThan": "2.1.12.1",
"status": "affected",
"version": "2.1.12",
"versionType": "custom"
},
{
"lessThan": "2.1.1972",
"status": "affected",
"version": "2.1",
"versionType": "custom"
},
{
"lessThan": "2.2.24",
"status": "affected",
"version": "2.2",
"versionType": "custom"
},
{
"lessThan": "2.2.25",
"status": "affected",
"version": "2.2",
"versionType": "custom"
},
{
"lessThan": "3.1.0.74",
"status": "affected",
"version": "3.1.0",
"versionType": "custom"
},
{
"lessThan": "3.3.6.7",
"status": "affected",
"version": "3.3.6",
"versionType": "custom"
},
{
"lessThan": "3.3.26.2",
"status": "affected",
"version": "3.3.26",
"versionType": "custom"
},
{
"lessThan": "3.3.35.1",
"status": "affected",
"version": "3.3.35",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "3.3.41",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"packageName": "org.wso2.carbon.apimgt:org.wso2.carbon.apimgt.rest.api.util",
"product": "org.wso2.carbon.apimgt:org.wso2.carbon.apimgt.rest.api.util",
"vendor": "WSO2",
"versions": [
{
"lessThan": "6.7.206.567",
"status": "affected",
"version": "6.7.206",
"versionType": "custom"
},
{
"lessThan": "6.7.210.63",
"status": "affected",
"version": "6.7.210",
"versionType": "custom"
},
{
"lessThan": "9.0.174.522",
"status": "affected",
"version": "9.0.174",
"versionType": "custom"
},
{
"lessThan": "9.20.74.379",
"status": "affected",
"version": "9.20.74",
"versionType": "custom"
},
{
"lessThan": "9.28.116.360",
"status": "affected",
"version": "9.28.116",
"versionType": "custom"
},
{
"lessThan": "9.29.120.184",
"status": "affected",
"version": "9.29.120",
"versionType": "custom"
},
{
"lessThan": "9.30.67.109",
"status": "affected",
"version": "9.30.67",
"versionType": "custom"
},
{
"lessThan": "9.31.86.71",
"status": "affected",
"version": "9.31.86",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "9.32.133",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"packageName": "org.wso2.carbon:org.wso2.carbon.base",
"product": "org.wso2.carbon:org.wso2.carbon.base",
"vendor": "WSO2",
"versions": [
{
"lessThan": "4.4.7.6",
"status": "affected",
"version": "4.4.7",
"versionType": "custom"
},
{
"lessThan": "4.4.9.11",
"status": "affected",
"version": "4.4.9",
"versionType": "custom"
},
{
"lessThan": "4.4.11.9",
"status": "affected",
"version": "4.4.11",
"versionType": "custom"
},
{
"lessThan": "4.4.26.12",
"status": "affected",
"version": "4.4.26",
"versionType": "custom"
},
{
"lessThan": "4.4.35.44",
"status": "affected",
"version": "4.4.35",
"versionType": "custom"
},
{
"lessThan": "4.5.1.43",
"status": "affected",
"version": "4.5.1",
"versionType": "custom"
},
{
"lessThan": "4.6.0.1990",
"status": "affected",
"version": "4.6.0",
"versionType": "custom"
},
{
"lessThan": "4.6.1.149",
"status": "affected",
"version": "4.6.1",
"versionType": "custom"
},
{
"lessThan": "4.6.2.667",
"status": "affected",
"version": "4.6.2",
"versionType": "custom"
},
{
"lessThan": "4.6.3.36",
"status": "affected",
"version": "4.6.3",
"versionType": "custom"
},
{
"lessThan": "4.6.4.14",
"status": "affected",
"version": "4.6.4",
"versionType": "custom"
},
{
"lessThan": "4.7.1.68",
"status": "affected",
"version": "4.7.1",
"versionType": "custom"
},
{
"lessThan": "4.8.1.39",
"status": "affected",
"version": "4.8.1",
"versionType": "custom"
},
{
"lessThan": "4.9.0.99",
"status": "affected",
"version": "4.9.0",
"versionType": "custom"
},
{
"lessThan": "4.9.26.25",
"status": "affected",
"version": "4.9.26",
"versionType": "custom"
},
{
"lessThan": "4.9.27.10",
"status": "affected",
"version": "4.9.27",
"versionType": "custom"
},
{
"lessThan": "4.9.28.11",
"status": "affected",
"version": "4.9.28",
"versionType": "custom"
},
{
"lessThan": "4.10.9.66",
"status": "affected",
"version": "4.10.9",
"versionType": "custom"
},
{
"lessThan": "4.10.42.9",
"status": "affected",
"version": "4.10.42",
"versionType": "custom"
},
{
"lessThan": "4.9.29",
"status": "affected",
"version": "4.9",
"versionType": "custom"
},
{
"lessThan": "4.10.94",
"status": "affected",
"version": "4.10",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"packageName": "org.wso2.carbon.identity.framework:org.wso2.carbon.identity.application.mgt",
"product": "org.wso2.carbon.identity.framework:org.wso2.carbon.identity.application.mgt",
"vendor": "WSO2",
"versions": [
{
"lessThan": "5.2.0.4",
"status": "affected",
"version": "5.2.0",
"versionType": "custom"
},
{
"lessThan": "5.2.2.21",
"status": "affected",
"version": "5.2.2",
"versionType": "custom"
},
{
"lessThan": "5.7.5.18",
"status": "affected",
"version": "5.7.5",
"versionType": "custom"
},
{
"lessThan": "5.11.148.19",
"status": "affected",
"version": "5.11.148",
"versionType": "custom"
},
{
"lessThan": "5.11.256.21",
"status": "affected",
"version": "5.11.256",
"versionType": "custom"
},
{
"lessThan": "5.12.153.63",
"status": "affected",
"version": "5.12.153",
"versionType": "custom"
},
{
"lessThan": "5.12.387.46",
"status": "affected",
"version": "5.12.387",
"versionType": "custom"
},
{
"lessThan": "5.14.97.89",
"status": "affected",
"version": "5.14.97",
"versionType": "custom"
},
{
"lessThan": "5.17.5.317",
"status": "affected",
"version": "5.17.5",
"versionType": "custom"
},
{
"lessThan": "5.17.118.17",
"status": "affected",
"version": "5.17.118",
"versionType": "custom"
},
{
"lessThan": "5.18.187.309",
"status": "affected",
"version": "5.18.187",
"versionType": "custom"
},
{
"lessThan": "5.18.248.30",
"status": "affected",
"version": "5.18.248",
"versionType": "custom"
},
{
"lessThan": "5.23.8.207",
"status": "affected",
"version": "5.23.8",
"versionType": "custom"
},
{
"lessThan": "5.24.8.23",
"status": "affected",
"version": "5.24.8",
"versionType": "custom"
},
{
"lessThan": "5.25.92.152",
"status": "affected",
"version": "5.25.92",
"versionType": "custom"
},
{
"lessThan": "5.25.705.19",
"status": "affected",
"version": "5.25.705",
"versionType": "custom"
},
{
"lessThan": "5.25.713.9",
"status": "affected",
"version": "5.25.713",
"versionType": "custom"
},
{
"lessThan": "5.25.724.3",
"status": "affected",
"version": "5.25.724",
"versionType": "custom"
},
{
"lessThan": "7.0.78.133",
"status": "affected",
"version": "7.0.78",
"versionType": "custom"
},
{
"lessThan": "7.8.23.47",
"status": "affected",
"version": "7.8.23",
"versionType": "custom"
},
{
"lessThan": "5.25.734",
"status": "affected",
"version": "5.25",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "7.8.489",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"packageName": "org.wso2.carbon:org.wso2.carbon.server.admin",
"product": "org.wso2.carbon:org.wso2.carbon.server.admin",
"vendor": "WSO2",
"versions": [
{
"lessThan": "4.4.7.6",
"status": "affected",
"version": "4.4.7",
"versionType": "custom"
},
{
"lessThan": "4.4.9.11",
"status": "affected",
"version": "4.4.9",
"versionType": "custom"
},
{
"lessThan": "4.4.11.9",
"status": "affected",
"version": "4.4.11",
"versionType": "custom"
},
{
"lessThan": "4.4.26.12",
"status": "affected",
"version": "4.4.26",
"versionType": "custom"
},
{
"lessThan": "4.4.32.16",
"status": "affected",
"version": "4.4.32",
"versionType": "custom"
},
{
"lessThan": "4.4.35.44",
"status": "affected",
"version": "4.4.35",
"versionType": "custom"
},
{
"lessThan": "4.5.1.43",
"status": "affected",
"version": "4.5.1",
"versionType": "custom"
},
{
"lessThan": "4.6.0.1990",
"status": "affected",
"version": "4.6.0",
"versionType": "custom"
},
{
"lessThan": "4.6.1.149",
"status": "affected",
"version": "4.6.1",
"versionType": "custom"
},
{
"lessThan": "4.6.2.667",
"status": "affected",
"version": "4.6.2",
"versionType": "custom"
},
{
"lessThan": "4.6.3.36",
"status": "affected",
"version": "4.6.3",
"versionType": "custom"
},
{
"lessThan": "4.6.4.14",
"status": "affected",
"version": "4.6.4",
"versionType": "custom"
},
{
"lessThan": "4.7.1.68",
"status": "affected",
"version": "4.7.1",
"versionType": "custom"
},
{
"lessThan": "4.8.1.39",
"status": "affected",
"version": "4.8.1",
"versionType": "custom"
},
{
"lessThan": "4.9.0.99",
"status": "affected",
"version": "4.9.0",
"versionType": "custom"
},
{
"lessThan": "4.9.26.25",
"status": "affected",
"version": "4.9.26",
"versionType": "custom"
},
{
"lessThan": "4.9.27.10",
"status": "affected",
"version": "4.9.27",
"versionType": "custom"
},
{
"lessThan": "4.9.28.11",
"status": "affected",
"version": "4.9.28",
"versionType": "custom"
},
{
"lessThan": "4.10.9.66",
"status": "affected",
"version": "4.10.9",
"versionType": "custom"
},
{
"lessThan": "4.10.42.9",
"status": "affected",
"version": "4.10.42",
"versionType": "custom"
},
{
"lessThan": "4.9.29",
"status": "affected",
"version": "4.9",
"versionType": "custom"
},
{
"lessThan": "4.10.94",
"status": "affected",
"version": "4.10",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"packageName": "org.wso2.carbon.identity.workflow.user:org.wso2.carbon.user.mgt.workflow",
"product": "org.wso2.carbon.identity.workflow.user:org.wso2.carbon.user.mgt.workflow",
"vendor": "WSO2",
"versions": [
{
"lessThan": "5.1.1.1",
"status": "affected",
"version": "5.1.1",
"versionType": "custom"
},
{
"lessThan": "5.1.2.1",
"status": "affected",
"version": "5.1.2",
"versionType": "custom"
},
{
"lessThan": "5.1.5.1",
"status": "affected",
"version": "5.1.5",
"versionType": "custom"
},
{
"lessThan": "5.3.3.1",
"status": "affected",
"version": "5.3.3",
"versionType": "custom"
},
{
"lessThan": "5.4.0.4",
"status": "affected",
"version": "5.4.0",
"versionType": "custom"
},
{
"lessThan": "5.4.1.5",
"status": "affected",
"version": "5.4.1",
"versionType": "custom"
},
{
"lessThan": "5.6.0.1",
"status": "affected",
"version": "5.6.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "5.6.21",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "crnkovi\u0107"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An improper access control vulnerability exists in multiple WSO2 products due to insufficient permission enforcement in certain internal SOAP Admin Services and System REST APIs. A low-privileged user may exploit this flaw to perform unauthorized operations, including accessing server-level information.\u003cbr\u003e\u003cbr\u003eThis vulnerability affects only internal administrative interfaces. APIs exposed through the WSO2 API Manager\u0027s API Gateway remain unaffected.\u003cbr\u003e"
}
],
"value": "An improper access control vulnerability exists in multiple WSO2 products due to insufficient permission enforcement in certain internal SOAP Admin Services and System REST APIs. A low-privileged user may exploit this flaw to perform unauthorized operations, including accessing server-level information.\n\nThis vulnerability affects only internal administrative interfaces. APIs exposed through the WSO2 API Manager\u0027s API Gateway remain unaffected."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.6,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "For WSO2 API Manager"
}
]
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "LOW",
"baseScore": 8.9,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "For WSO2 Identity Server"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-16T12:33:45.426Z",
"orgId": "ed10eef1-636d-4fbe-9993-6890dfa878f8",
"shortName": "WSO2"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-4503/"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: transparent;\"\u003eFollow the instructions given on \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-4503/#solution\"\u003e\u003cspan style=\"background-color: transparent;\"\u003ehttps://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-4503/#solution\u003c/span\u003e\u003c/a\u003e \u003cbr\u003e"
}
],
"value": "Follow the instructions given on https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-4503/#solution https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-4503/#solution"
}
],
"source": {
"advisory": "WSO2-2025-4503",
"discovery": "EXTERNAL"
},
"title": "Improper Access Control in Multiple WSO2 Products via Internal SOAP Admin Services and System REST APIs",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "ed10eef1-636d-4fbe-9993-6890dfa878f8",
"assignerShortName": "WSO2",
"cveId": "CVE-2025-9804",
"datePublished": "2025-10-16T12:33:45.426Z",
"dateReserved": "2025-09-01T13:11:12.678Z",
"dateUpdated": "2025-10-17T16:01:25.350Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-9955 (GCVE-0-2025-9955)
Vulnerability from cvelistv5 – Published: 2025-10-16 12:14 – Updated: 2025-10-16 13:29
VLAI?
Summary
An improper access control vulnerability exists in WSO2 Enterprise Integrator product due to insufficient permission restrictions on internal SOAP admin services related to system logs and user-store configuration. A low-privileged user can access log data and user-store configuration details that are not intended to be exposed at that privilege level.
While no credentials or sensitive user information are exposed, this vulnerability may allow unauthorized visibility into internal operational details, which could aid in further exploitation or reconnaissance.
Severity ?
5.7 (Medium)
CWE
- CWE-863 - Incorrect Authorization
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | |||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| WSO2 | WSO2 Enterprise Integrator |
Unknown:
0 , < 6.0.0
(custom)
Affected: 6.0.0 , < 6.0.0.22 (custom) Affected: 6.1.0 , < 6.1.0.39 (custom) Affected: 6.1.1 , < 6.1.1.43 (custom) Affected: 6.2.0 , < 6.2.0.62 (custom) Affected: 6.3.0 , < 6.3.0.70 (custom) Affected: 6.4.0 , < 6.4.0.100 (custom) Affected: 6.5.0 , < 6.5.0.107 (custom) Affected: 6.6.0 , < 6.6.0.222 (custom) |
|||||||||||||||||
|
|||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-9955",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-16T13:23:25.309685Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-863",
"description": "CWE-863 Incorrect Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-16T13:29:14.882Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "WSO2 Enterprise Integrator",
"vendor": "WSO2",
"versions": [
{
"lessThan": "6.0.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "6.0.0.22",
"status": "affected",
"version": "6.0.0",
"versionType": "custom"
},
{
"lessThan": "6.1.0.39",
"status": "affected",
"version": "6.1.0",
"versionType": "custom"
},
{
"lessThan": "6.1.1.43",
"status": "affected",
"version": "6.1.1",
"versionType": "custom"
},
{
"lessThan": "6.2.0.62",
"status": "affected",
"version": "6.2.0",
"versionType": "custom"
},
{
"lessThan": "6.3.0.70",
"status": "affected",
"version": "6.3.0",
"versionType": "custom"
},
{
"lessThan": "6.4.0.100",
"status": "affected",
"version": "6.4.0",
"versionType": "custom"
},
{
"lessThan": "6.5.0.107",
"status": "affected",
"version": "6.5.0",
"versionType": "custom"
},
{
"lessThan": "6.6.0.222",
"status": "affected",
"version": "6.6.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Enterprise Service Bus",
"vendor": "WSO2",
"versions": [
{
"lessThan": "5.0.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "5.0.0.29",
"status": "affected",
"version": "5.0.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"packageName": "org.wso2.carbon:org.wso2.carbon.base",
"product": "org.wso2.carbon:org.wso2.carbon.base",
"vendor": "WSO2",
"versions": [
{
"lessThan": "4.4.8.7",
"status": "affected",
"version": "4.4.8",
"versionType": "custom"
},
{
"lessThan": "4.4.14.5",
"status": "affected",
"version": "4.4.14",
"versionType": "custom"
},
{
"lessThan": "4.4.16.9",
"status": "affected",
"version": "4.4.16",
"versionType": "custom"
},
{
"lessThan": "4.4.26.13",
"status": "affected",
"version": "4.4.26",
"versionType": "custom"
},
{
"lessThan": "4.4.32.16",
"status": "affected",
"version": "4.4.32",
"versionType": "custom"
},
{
"lessThan": "4.4.36.7",
"status": "affected",
"version": "4.4.36",
"versionType": "custom"
},
{
"lessThan": "4.4.40.37",
"status": "affected",
"version": "4.4.40",
"versionType": "custom"
},
{
"lessThan": "4.5.3.45",
"status": "affected",
"version": "4.5.3",
"versionType": "custom"
},
{
"lessThan": "4.9.29",
"status": "affected",
"version": "4.9",
"versionType": "custom"
},
{
"lessThan": "4.10.94",
"status": "affected",
"version": "4.10",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"packageName": "org.wso2.carbon:org.wso2.carbon.server.admin",
"product": "org.wso2.carbon:org.wso2.carbon.server.admin",
"vendor": "WSO2",
"versions": [
{
"lessThan": "4.4.8.7",
"status": "affected",
"version": "4.4.8",
"versionType": "custom"
},
{
"lessThan": "4.4.14.5",
"status": "affected",
"version": "4.4.14",
"versionType": "custom"
},
{
"lessThan": "4.4.16.9",
"status": "affected",
"version": "4.4.16",
"versionType": "custom"
},
{
"lessThan": "4.4.26.13",
"status": "affected",
"version": "4.4.26",
"versionType": "custom"
},
{
"lessThan": "4.4.32.16",
"status": "affected",
"version": "4.4.32",
"versionType": "custom"
},
{
"lessThan": "4.4.36.7",
"status": "affected",
"version": "4.4.36",
"versionType": "custom"
},
{
"lessThan": "4.4.40.37",
"status": "affected",
"version": "4.4.40",
"versionType": "custom"
},
{
"lessThan": "4.5.3.45",
"status": "affected",
"version": "4.5.3",
"versionType": "custom"
},
{
"lessThan": "4.9.29",
"status": "affected",
"version": "4.9",
"versionType": "custom"
},
{
"lessThan": "4.10.94",
"status": "affected",
"version": "4.10",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An improper access control vulnerability exists in WSO2 Enterprise Integrator product due to insufficient permission restrictions on internal SOAP admin services related to system logs and user-store configuration. A low-privileged user can access log data and user-store configuration details that are not intended to be exposed at that privilege level.\u003cbr\u003e\u003cbr\u003eWhile no credentials or sensitive user information are exposed, this vulnerability may allow unauthorized visibility into internal operational details, which could aid in further exploitation or reconnaissance.\u003cbr\u003e"
}
],
"value": "An improper access control vulnerability exists in WSO2 Enterprise Integrator product due to insufficient permission restrictions on internal SOAP admin services related to system logs and user-store configuration. A low-privileged user can access log data and user-store configuration details that are not intended to be exposed at that privilege level.\n\nWhile no credentials or sensitive user information are exposed, this vulnerability may allow unauthorized visibility into internal operational details, which could aid in further exploitation or reconnaissance."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-16T12:14:56.477Z",
"orgId": "ed10eef1-636d-4fbe-9993-6890dfa878f8",
"shortName": "WSO2"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-4526/"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: transparent;\"\u003eFollow the instructions given on \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-4526/#solution\"\u003e\u003cspan style=\"background-color: transparent;\"\u003ehttps://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-4526/#solution\u003c/span\u003e\u003c/a\u003e \u003cbr\u003e"
}
],
"value": "Follow the instructions given on https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-4526/#solution https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-4526/#solution"
}
],
"source": {
"advisory": "WSO2-2025-4526",
"discovery": "INTERNAL"
},
"title": "Improper Access Control in WSO2 Enterprise Integrator Product via SOAP Admin Services for Logs and User-Store Configuration",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "ed10eef1-636d-4fbe-9993-6890dfa878f8",
"assignerShortName": "WSO2",
"cveId": "CVE-2025-9955",
"datePublished": "2025-10-16T12:14:56.477Z",
"dateReserved": "2025-09-03T15:10:08.622Z",
"dateUpdated": "2025-10-16T13:29:14.882Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-10611 (GCVE-0-2025-10611)
Vulnerability from cvelistv5 – Published: 2025-10-16 12:09 – Updated: 2025-10-16 13:34
VLAI?
Summary
Due to an insufficient access control implementation in multiple WSO2 Products, authentication and authorization checks for certain REST APIs can be bypassed, allowing them to be invoked without proper validation.
Successful exploitation of this vulnerability could lead to a malicious actor gaining administrative access and performing unauthenticated and unauthorized administrative operations.
Severity ?
9.8 (Critical)
CWE
- CWE-863 - Incorrect Authorization
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| WSO2 | WSO2 API Manager |
Unknown:
0 , < 2.1.0
(custom)
Affected: 2.1.0 , < 2.1.0.42 (custom) Affected: 2.2.0 , < 2.2.0.61 (custom) Affected: 2.5.0 , < 2.5.0.87 (custom) Affected: 2.6.0 , < 2.6.0.148 (custom) Affected: 3.0.0 , < 3.0.0.178 (custom) Affected: 3.1.0 , < 3.1.0.345 (custom) Affected: 3.2.0 , < 3.2.0.446 (custom) Affected: 3.2.1 , < 3.2.1.66 (custom) Affected: 4.0.0 , < 4.0.0.366 (custom) Affected: 4.1.0 , < 4.1.0.228 (custom) Affected: 4.2.0 , < 4.2.0.169 (custom) Affected: 4.3.0 , < 4.3.0.81 (custom) Affected: 4.4.0 , < 4.4.0.45 (custom) Affected: 4.5.0 , < 4.5.0.28 (custom) |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-10611",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-16T13:24:33.931504Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-863",
"description": "CWE-863 Incorrect Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-16T13:34:31.799Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "WSO2 API Manager",
"vendor": "WSO2",
"versions": [
{
"lessThan": "2.1.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "2.1.0.42",
"status": "affected",
"version": "2.1.0",
"versionType": "custom"
},
{
"lessThan": "2.2.0.61",
"status": "affected",
"version": "2.2.0",
"versionType": "custom"
},
{
"lessThan": "2.5.0.87",
"status": "affected",
"version": "2.5.0",
"versionType": "custom"
},
{
"lessThan": "2.6.0.148",
"status": "affected",
"version": "2.6.0",
"versionType": "custom"
},
{
"lessThan": "3.0.0.178",
"status": "affected",
"version": "3.0.0",
"versionType": "custom"
},
{
"lessThan": "3.1.0.345",
"status": "affected",
"version": "3.1.0",
"versionType": "custom"
},
{
"lessThan": "3.2.0.446",
"status": "affected",
"version": "3.2.0",
"versionType": "custom"
},
{
"lessThan": "3.2.1.66",
"status": "affected",
"version": "3.2.1",
"versionType": "custom"
},
{
"lessThan": "4.0.0.366",
"status": "affected",
"version": "4.0.0",
"versionType": "custom"
},
{
"lessThan": "4.1.0.228",
"status": "affected",
"version": "4.1.0",
"versionType": "custom"
},
{
"lessThan": "4.2.0.169",
"status": "affected",
"version": "4.2.0",
"versionType": "custom"
},
{
"lessThan": "4.3.0.81",
"status": "affected",
"version": "4.3.0",
"versionType": "custom"
},
{
"lessThan": "4.4.0.45",
"status": "affected",
"version": "4.4.0",
"versionType": "custom"
},
{
"lessThan": "4.5.0.28",
"status": "affected",
"version": "4.5.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 API Control Plane",
"vendor": "WSO2",
"versions": [
{
"lessThan": "4.5.0.29",
"status": "affected",
"version": "4.5.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Open Banking AM",
"vendor": "WSO2",
"versions": [
{
"lessThan": "1.4.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "1.4.0.141",
"status": "affected",
"version": "1.4.0",
"versionType": "custom"
},
{
"lessThan": "1.5.0.142",
"status": "affected",
"version": "1.5.0",
"versionType": "custom"
},
{
"lessThan": "2.0.0.394",
"status": "affected",
"version": "2.0.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Open Banking IAM",
"vendor": "WSO2",
"versions": [
{
"lessThan": "2.0.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "2.0.0.414",
"status": "affected",
"version": "2.0.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Identity Server",
"vendor": "WSO2",
"versions": [
{
"lessThan": "5.3.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "5.3.0.39",
"status": "affected",
"version": "5.3.0",
"versionType": "custom"
},
{
"lessThan": "5.5.0.54",
"status": "affected",
"version": "5.5.0",
"versionType": "custom"
},
{
"lessThan": "5.6.0.62",
"status": "affected",
"version": "5.6.0",
"versionType": "custom"
},
{
"lessThan": "5.7.0.128",
"status": "affected",
"version": "5.7.0",
"versionType": "custom"
},
{
"lessThan": "5.8.0.112",
"status": "affected",
"version": "5.8.0",
"versionType": "custom"
},
{
"lessThan": "5.9.0.171",
"status": "affected",
"version": "5.9.0",
"versionType": "custom"
},
{
"lessThan": "5.10.0.375",
"status": "affected",
"version": "5.10.0",
"versionType": "custom"
},
{
"lessThan": "5.11.0.419",
"status": "affected",
"version": "5.11.0",
"versionType": "custom"
},
{
"lessThan": "6.0.0.248",
"status": "affected",
"version": "6.0.0",
"versionType": "custom"
},
{
"lessThan": "6.1.0.248",
"status": "affected",
"version": "6.1.0",
"versionType": "custom"
},
{
"lessThan": "7.0.0.124",
"status": "affected",
"version": "7.0.0",
"versionType": "custom"
},
{
"lessThan": "7.1.0.31",
"status": "affected",
"version": "7.1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Identity Server as Key Manager",
"vendor": "WSO2",
"versions": [
{
"lessThan": "5.3.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "5.3.0.44",
"status": "affected",
"version": "5.3.0",
"versionType": "custom"
},
{
"lessThan": "5.5.0.55",
"status": "affected",
"version": "5.5.0",
"versionType": "custom"
},
{
"lessThan": "5.6.0.77",
"status": "affected",
"version": "5.6.0",
"versionType": "custom"
},
{
"lessThan": "5.7.0.127",
"status": "affected",
"version": "5.7.0",
"versionType": "custom"
},
{
"lessThan": "5.9.0.178",
"status": "affected",
"version": "5.9.0",
"versionType": "custom"
},
{
"lessThan": "5.10.0.365",
"status": "affected",
"version": "5.10.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Open Banking KM",
"vendor": "WSO2",
"versions": [
{
"lessThan": "1.4.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "1.4.0.135",
"status": "affected",
"version": "1.4.0",
"versionType": "custom"
},
{
"lessThan": "1.5.0.125",
"status": "affected",
"version": "1.5.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Universal Gateway",
"vendor": "WSO2",
"versions": [
{
"lessThan": "4.5.0.27",
"status": "affected",
"version": "4.5.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Traffic Manager",
"vendor": "WSO2",
"versions": [
{
"lessThan": "4.5.0.27",
"status": "affected",
"version": "4.5.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"packageName": "org.wso2.carbon.identity.auth.rest:org.wso2.carbon.identity.auth.service",
"product": "org.wso2.carbon.identity.auth.rest:org.wso2.carbon.identity.auth.service",
"vendor": "WSO2",
"versions": [
{
"lessThan": "1.1.1.7",
"status": "affected",
"version": "1.1.1",
"versionType": "custom"
},
{
"lessThan": "1.1.16.6",
"status": "affected",
"version": "1.1.16",
"versionType": "custom"
},
{
"lessThan": "1.1.18.7",
"status": "affected",
"version": "1.1.18",
"versionType": "custom"
},
{
"lessThan": "1.1.20.9",
"status": "affected",
"version": "1.1.20",
"versionType": "custom"
},
{
"lessThan": "1.1.26.11",
"status": "affected",
"version": "1.1.26",
"versionType": "custom"
},
{
"lessThan": "1.3.6.11",
"status": "affected",
"version": "1.3.6",
"versionType": "custom"
},
{
"lessThan": "1.4.0.21",
"status": "affected",
"version": "1.4.0",
"versionType": "custom"
},
{
"lessThan": "1.4.25.27",
"status": "affected",
"version": "1.4.25",
"versionType": "custom"
},
{
"lessThan": "1.4.52.6",
"status": "affected",
"version": "1.4.52",
"versionType": "custom"
},
{
"lessThan": "1.6.1.12",
"status": "affected",
"version": "1.6.1",
"versionType": "custom"
},
{
"lessThan": "1.7.1.7",
"status": "affected",
"version": "1.7.1",
"versionType": "custom"
},
{
"lessThan": "1.8.11.8",
"status": "affected",
"version": "1.8.11",
"versionType": "custom"
},
{
"lessThan": "1.8.41.4",
"status": "affected",
"version": "1.8.41",
"versionType": "custom"
},
{
"lessThan": "1.9.4.9",
"status": "affected",
"version": "1.9.4",
"versionType": "custom"
},
{
"lessThan": "1.9.18.7",
"status": "affected",
"version": "1.9.18",
"versionType": "custom"
},
{
"lessThan": "1.8.48",
"status": "affected",
"version": "1.8",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "1.9.46",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"packageName": "org.wso2.carbon.identity.auth.rest:org.wso2.carbon.identity.auth.valve",
"product": "org.wso2.carbon.identity.auth.rest:org.wso2.carbon.identity.auth.valve",
"vendor": "WSO2",
"versions": [
{
"lessThan": "1.1.1.7",
"status": "affected",
"version": "1.1.1",
"versionType": "custom"
},
{
"lessThan": "1.1.16.6",
"status": "affected",
"version": "1.1.16",
"versionType": "custom"
},
{
"lessThan": "1.1.18.7",
"status": "affected",
"version": "1.1.18",
"versionType": "custom"
},
{
"lessThan": "1.1.20.9",
"status": "affected",
"version": "1.1.20",
"versionType": "custom"
},
{
"lessThan": "1.1.26.11",
"status": "affected",
"version": "1.1.26",
"versionType": "custom"
},
{
"lessThan": "1.3.6.11",
"status": "affected",
"version": "1.3.6",
"versionType": "custom"
},
{
"lessThan": "1.4.0.21",
"status": "affected",
"version": "1.4.0",
"versionType": "custom"
},
{
"lessThan": "1.4.25.27",
"status": "affected",
"version": "1.4.25",
"versionType": "custom"
},
{
"lessThan": "1.4.52.6",
"status": "affected",
"version": "1.4.52",
"versionType": "custom"
},
{
"lessThan": "1.6.1.12",
"status": "affected",
"version": "1.6.1",
"versionType": "custom"
},
{
"lessThan": "1.7.1.7",
"status": "affected",
"version": "1.7.1",
"versionType": "custom"
},
{
"lessThan": "1.8.11.8",
"status": "affected",
"version": "1.8.11",
"versionType": "custom"
},
{
"lessThan": "1.8.41.4",
"status": "affected",
"version": "1.8.41",
"versionType": "custom"
},
{
"lessThan": "1.9.4.9",
"status": "affected",
"version": "1.9.4",
"versionType": "custom"
},
{
"lessThan": "1.9.18.7",
"status": "affected",
"version": "1.9.18",
"versionType": "custom"
},
{
"lessThan": "1.8.48",
"status": "affected",
"version": "1.8",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "1.9.46",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Due to an insufficient access control implementation in multiple WSO2 Products, authentication and authorization checks for certain REST APIs can be bypassed, allowing them to be invoked without proper validation.\u003cbr\u003e\u003cbr\u003eSuccessful exploitation of this vulnerability could lead to a malicious actor gaining administrative access and performing unauthenticated and unauthorized administrative operations.\u003cbr\u003e"
}
],
"value": "Due to an insufficient access control implementation in multiple WSO2 Products, authentication and authorization checks for certain REST APIs can be bypassed, allowing them to be invoked without proper validation.\n\nSuccessful exploitation of this vulnerability could lead to a malicious actor gaining administrative access and performing unauthenticated and unauthorized administrative operations."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-16T12:09:31.802Z",
"orgId": "ed10eef1-636d-4fbe-9993-6890dfa878f8",
"shortName": "WSO2"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-4585/"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: transparent;\"\u003eFollow the instructions given on \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-4585/#solution\"\u003e\u003cspan style=\"background-color: transparent;\"\u003ehttps://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-4585/#solution\u003c/span\u003e\u003c/a\u003e \u003cbr\u003e"
}
],
"value": "Follow the instructions given on https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-4585/#solution https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-4585/#solution"
}
],
"source": {
"advisory": "WSO2-2025-4585",
"discovery": "INTERNAL"
},
"title": "Potential Broken Access Control in Multiple WSO2 Products via System REST APIs",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "ed10eef1-636d-4fbe-9993-6890dfa878f8",
"assignerShortName": "WSO2",
"cveId": "CVE-2025-10611",
"datePublished": "2025-10-16T12:09:31.802Z",
"dateReserved": "2025-09-17T08:56:27.794Z",
"dateUpdated": "2025-10-16T13:34:31.799Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-1862 (GCVE-0-2025-1862)
Vulnerability from cvelistv5 – Published: 2025-09-26 08:18 – Updated: 2025-09-29 12:38
VLAI?
Summary
An arbitrary file upload vulnerability exists in multiple WSO2 products due to improper validation of user-supplied filenames in the BPEL uploader SOAP service endpoint. A malicious actor with administrative privileges can upload arbitrary files to a user-controlled location on the server.
By leveraging this vulnerability, an attacker can upload a specially crafted payload and achieve remote code execution (RCE), potentially compromising the server and its data.
Severity ?
6.7 (Medium)
CWE
- CWE-434 - Unrestricted Upload of File with Dangerous Type
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | |||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| WSO2 | WSO2 Enterprise Integrator |
Affected:
6.6.0 , < 6.6.0.215
(custom)
|
|||||||||||||||||
|
|||||||||||||||||||
Credits
Luk Luk
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-1862",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-27T03:55:27.361521Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-29T12:38:07.003Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "WSO2 Enterprise Integrator",
"vendor": "WSO2",
"versions": [
{
"lessThan": "6.6.0.215",
"status": "affected",
"version": "6.6.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Identity Server",
"vendor": "WSO2",
"versions": [
{
"lessThan": "5.10.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "5.10.0.347",
"status": "affected",
"version": "5.10.0",
"versionType": "custom"
},
{
"lessThan": "5.11.0.396",
"status": "affected",
"version": "5.11.0",
"versionType": "custom"
},
{
"lessThan": "6.0.0.232",
"status": "affected",
"version": "6.0.0",
"versionType": "custom"
},
{
"lessThan": "6.1.0.224",
"status": "affected",
"version": "6.1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Open Banking IAM",
"vendor": "WSO2",
"versions": [
{
"lessThan": "2.0.0.391",
"status": "affected",
"version": "2.0.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Identity Server as Key Manager",
"vendor": "WSO2",
"versions": [
{
"lessThan": "5.10.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "5.10.0.340",
"status": "affected",
"version": "5.10.0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Luk Luk"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An arbitrary file upload vulnerability exists in multiple WSO2 products due to improper validation of user-supplied filenames in the BPEL uploader SOAP service endpoint. A malicious actor with administrative privileges can upload arbitrary files to a user-controlled location on the server.\n\u003cbr\u003e\u003cbr\u003eBy leveraging this vulnerability, an attacker can upload a specially crafted payload and achieve remote code execution (RCE), potentially compromising the server and its data.\u003cbr\u003e"
}
],
"value": "An arbitrary file upload vulnerability exists in multiple WSO2 products due to improper validation of user-supplied filenames in the BPEL uploader SOAP service endpoint. A malicious actor with administrative privileges can upload arbitrary files to a user-controlled location on the server.\n\n\nBy leveraging this vulnerability, an attacker can upload a specially crafted payload and achieve remote code execution (RCE), potentially compromising the server and its data."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-434",
"description": "CWE-434 Unrestricted Upload of File with Dangerous Type",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-26T08:18:21.708Z",
"orgId": "ed10eef1-636d-4fbe-9993-6890dfa878f8",
"shortName": "WSO2"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-3992/"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: transparent;\"\u003eFollow the instructions given on \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-3992/#solution\"\u003e\u003cspan style=\"background-color: transparent;\"\u003ehttps://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-3992/#solution\u003c/span\u003e\u003c/a\u003e \u003cbr\u003e"
}
],
"value": "Follow the instructions given on https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-3992/#solution https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-3992/#solution"
}
],
"source": {
"advisory": "WSO2-2025-3992",
"discovery": "EXTERNAL"
},
"title": "Authenticated Arbitrary File Upload in Multiple WSO2 Products via BPEL Uploader SOAP Service Leading to Remote Code Execution",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "ed10eef1-636d-4fbe-9993-6890dfa878f8",
"assignerShortName": "WSO2",
"cveId": "CVE-2025-1862",
"datePublished": "2025-09-26T08:18:21.708Z",
"dateReserved": "2025-03-03T04:53:13.295Z",
"dateUpdated": "2025-09-29T12:38:07.003Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-1396 (GCVE-0-2025-1396)
Vulnerability from cvelistv5 – Published: 2025-09-26 07:52 – Updated: 2025-09-30 15:43
VLAI?
Summary
A username enumeration vulnerability exists in multiple WSO2 products when Multi-Attribute Login is enabled. In this configuration, the system returns a distinct "User does not exist" error message to the login form, regardless of the validate_username setting. This behavior allows malicious actors to determine which usernames exist in the system based on observable discrepancies in the application's responses.
Exploitation of this vulnerability could aid in brute-force attacks, targeted phishing campaigns, or other social engineering techniques by confirming the validity of user identifiers within the system.
Severity ?
CWE
- CWE-203 - Observable Discrepancy
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| WSO2 | WSO2 Identity Server |
Unknown:
0 , < 5.10.0
(custom)
Affected: 5.10.0 , < 5.10.0.346 (custom) Affected: 5.11.0 , < 5.11.0.395 (custom) Affected: 6.0.0 , < 6.0.0.231 (custom) Affected: 6.1.0 , < 6.1.0.223 (custom) |
||||||||||||
|
||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-1396",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-30T15:43:25.782305Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-30T15:43:31.106Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "WSO2 Identity Server",
"vendor": "WSO2",
"versions": [
{
"lessThan": "5.10.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "5.10.0.346",
"status": "affected",
"version": "5.10.0",
"versionType": "custom"
},
{
"lessThan": "5.11.0.395",
"status": "affected",
"version": "5.11.0",
"versionType": "custom"
},
{
"lessThan": "6.0.0.231",
"status": "affected",
"version": "6.0.0",
"versionType": "custom"
},
{
"lessThan": "6.1.0.223",
"status": "affected",
"version": "6.1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Open Banking IAM",
"vendor": "WSO2",
"versions": [
{
"lessThan": "2.0.0.390",
"status": "affected",
"version": "2.0.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Identity Server as Key Manager",
"vendor": "WSO2",
"versions": [
{
"lessThan": "5.10.0.339",
"status": "affected",
"version": "5.10.0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eA username enumeration vulnerability exists in multiple WSO2 products when Multi-Attribute Login is enabled. In this configuration, the system returns a distinct \"User does not exist\" error message to the login form, regardless of the validate_username setting. This behavior allows malicious actors to determine which usernames exist in the system based on observable discrepancies in the application\u0027s responses.\u003cbr\u003e\u003c/p\u003e\u003cb\u003e\u003c/b\u003e\u003cp\u003eExploitation of this vulnerability could aid in brute-force attacks, targeted phishing campaigns, or other social engineering techniques by confirming the validity of user identifiers within the system.\u003cbr\u003e\u003c/p\u003e\u003cb\u003e\u003c/b\u003e"
}
],
"value": "A username enumeration vulnerability exists in multiple WSO2 products when Multi-Attribute Login is enabled. In this configuration, the system returns a distinct \"User does not exist\" error message to the login form, regardless of the validate_username setting. This behavior allows malicious actors to determine which usernames exist in the system based on observable discrepancies in the application\u0027s responses.\n\n\nExploitation of this vulnerability could aid in brute-force attacks, targeted phishing campaigns, or other social engineering techniques by confirming the validity of user identifiers within the system."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-203",
"description": "CWE-203 Observable Discrepancy",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-26T08:19:45.872Z",
"orgId": "ed10eef1-636d-4fbe-9993-6890dfa878f8",
"shortName": "WSO2"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-3983/"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: transparent;\"\u003eFollow the instructions given on \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-3983/#solution\"\u003e\u003cspan style=\"background-color: transparent;\"\u003ehttps://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-3983/#solution\u003c/span\u003e\u003c/a\u003e \u003cbr\u003e"
}
],
"value": "Follow the instructions given on https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-3983/#solution https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-3983/#solution"
}
],
"source": {
"advisory": "WSO2-2025-3983",
"discovery": "INTERNAL"
},
"title": "Username Enumeration in Multiple WSO2 Products with Multi-Attribute Login Enabled",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "ed10eef1-636d-4fbe-9993-6890dfa878f8",
"assignerShortName": "WSO2",
"cveId": "CVE-2025-1396",
"datePublished": "2025-09-26T07:52:52.297Z",
"dateReserved": "2025-02-17T14:17:42.038Z",
"dateUpdated": "2025-09-30T15:43:31.106Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-0672 (GCVE-0-2025-0672)
Vulnerability from cvelistv5 – Published: 2025-09-23 17:30 – Updated: 2025-09-25 16:01
VLAI?
Summary
An authentication bypass vulnerability exists in multiple WSO2 products when FIDO authentication is enabled. When a user account is deleted, the system does not automatically remove associated FIDO registration data. If a new user account is later created using the same username, the system may associate the new account with the previously registered FIDO device.
This flaw may allow a previously deleted user to authenticate using their FIDO credentials and impersonate the newly created user, resulting in unauthorized access. The vulnerability applies only to deployments that utilize FIDO-based authentication.
Severity ?
CWE
- CWE-287 - Improper Authentication
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| WSO2 | WSO2 Identity Server as Key Manager |
Unknown:
0 , < 5.10.0
(custom)
Affected: 5.10.0 , < 5.10.0.338 (custom) |
||||||||||||
|
||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-0672",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-23T18:30:32.258796Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-287",
"description": "CWE-287 Improper Authentication",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-25T16:01:00.676Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "WSO2 Identity Server as Key Manager",
"vendor": "WSO2",
"versions": [
{
"lessThan": "5.10.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "5.10.0.338",
"status": "affected",
"version": "5.10.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Identity Server",
"vendor": "WSO2",
"versions": [
{
"lessThan": "5.10.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "5.10.0.345",
"status": "affected",
"version": "5.10.0",
"versionType": "custom"
},
{
"lessThan": "5.11.0.394",
"status": "affected",
"version": "5.11.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Open Banking IAM",
"vendor": "WSO2",
"versions": [
{
"lessThan": "2.0.0.389",
"status": "affected",
"version": "2.0.0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An authentication bypass vulnerability exists in multiple WSO2 products when FIDO authentication is enabled. When a user account is deleted, the system does not automatically remove associated FIDO registration data. If a new user account is later created using the same username, the system may associate the new account with the previously registered FIDO device.\u003cbr\u003e\u003cbr\u003eThis flaw may allow a previously deleted user to authenticate using their FIDO credentials and impersonate the newly created user, resulting in unauthorized access. The vulnerability applies only to deployments that utilize FIDO-based authentication.\u003cbr\u003e"
}
],
"value": "An authentication bypass vulnerability exists in multiple WSO2 products when FIDO authentication is enabled. When a user account is deleted, the system does not automatically remove associated FIDO registration data. If a new user account is later created using the same username, the system may associate the new account with the previously registered FIDO device.\n\nThis flaw may allow a previously deleted user to authenticate using their FIDO credentials and impersonate the newly created user, resulting in unauthorized access. The vulnerability applies only to deployments that utilize FIDO-based authentication."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-23T17:30:42.687Z",
"orgId": "ed10eef1-636d-4fbe-9993-6890dfa878f8",
"shortName": "WSO2"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-3134/"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: transparent;\"\u003eFollow the instructions given on \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-3134/#solution\"\u003e\u003cspan style=\"background-color: transparent;\"\u003ehttps://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-3134/#solution\u003c/span\u003e\u003c/a\u003e \u003cbr\u003e"
}
],
"value": "Follow the instructions given on https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-3134/#solution https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-3134/#solution"
}
],
"source": {
"advisory": "WSO2-2025-3134",
"discovery": "INTERNAL"
},
"title": "Authentication Bypass in Multiple WSO2 Products via Stale FIDO Credential Association",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "ed10eef1-636d-4fbe-9993-6890dfa878f8",
"assignerShortName": "WSO2",
"cveId": "CVE-2025-0672",
"datePublished": "2025-09-23T17:30:42.687Z",
"dateReserved": "2025-01-23T13:38:31.988Z",
"dateUpdated": "2025-09-25T16:01:00.676Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-0209 (GCVE-0-2025-0209)
Vulnerability from cvelistv5 – Published: 2025-09-23 17:13 – Updated: 2025-09-23 18:37
VLAI?
Summary
A reflected cross-site scripting (XSS) vulnerability exists in the account registration flow of WSO2 Identity Server due to improper output encoding. A malicious actor can exploit this vulnerability by injecting a crafted payload that is reflected in the server response, enabling the execution of arbitrary JavaScript in the victim's browser.
This vulnerability could allow attackers to redirect users to malicious websites, modify the user interface, or exfiltrate data from the browser. However, session-related sensitive cookies are protected using the httpOnly flag, which mitigates the risk of session hijacking.
Severity ?
6.1 (Medium)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| WSO2 | WSO2 Identity Server |
Affected:
7.0.0 , < 7.0.0.87
(custom)
|
Credits
Western
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-0209",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-23T18:30:48.378651Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-23T18:37:43.867Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "WSO2 Identity Server",
"vendor": "WSO2",
"versions": [
{
"lessThan": "7.0.0.87",
"status": "affected",
"version": "7.0.0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Western"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A reflected cross-site scripting (XSS) vulnerability exists in the account registration flow of WSO2 Identity Server due to improper output encoding. A malicious actor can exploit this vulnerability by injecting a crafted payload that is reflected in the server response, enabling the execution of arbitrary JavaScript in the victim\u0027s browser.\u003cbr\u003e\u003cbr\u003eThis vulnerability could allow attackers to redirect users to malicious websites, modify the user interface, or exfiltrate data from the browser. However, session-related sensitive cookies are protected using the httpOnly flag, which mitigates the risk of session hijacking."
}
],
"value": "A reflected cross-site scripting (XSS) vulnerability exists in the account registration flow of WSO2 Identity Server due to improper output encoding. A malicious actor can exploit this vulnerability by injecting a crafted payload that is reflected in the server response, enabling the execution of arbitrary JavaScript in the victim\u0027s browser.\n\nThis vulnerability could allow attackers to redirect users to malicious websites, modify the user interface, or exfiltrate data from the browser. However, session-related sensitive cookies are protected using the httpOnly flag, which mitigates the risk of session hijacking."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or \u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-23T17:13:28.361Z",
"orgId": "ed10eef1-636d-4fbe-9993-6890dfa878f8",
"shortName": "WSO2"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-3902/"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: transparent;\"\u003eFollow the instructions given on \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-3902/#solution\"\u003e\u003cspan style=\"background-color: transparent;\"\u003ehttps://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-3902/#solution\u003c/span\u003e\u003c/a\u003e \u003cbr\u003e"
}
],
"value": "Follow the instructions given on https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-3902/#solution https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-3902/#solution"
}
],
"source": {
"advisory": "WSO2-2025-3902",
"discovery": "EXTERNAL"
},
"title": "Reflected Cross-Site Scripting (XSS) in WSO2 Identity Server Account Registration Flow",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "ed10eef1-636d-4fbe-9993-6890dfa878f8",
"assignerShortName": "WSO2",
"cveId": "CVE-2025-0209",
"datePublished": "2025-09-23T17:13:10.597Z",
"dateReserved": "2025-01-03T13:17:56.874Z",
"dateUpdated": "2025-09-23T18:37:43.867Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-0663 (GCVE-0-2025-0663)
Vulnerability from cvelistv5 – Published: 2025-09-23 16:58 – Updated: 2025-09-25 16:13
VLAI?
Summary
A cross-tenant authentication vulnerability exists in multiple WSO2 products due to improper cryptographic design in Adaptive Authentication. A single cryptographic key is used across all tenants to sign authentication cookies, allowing a privileged user in one tenant to forge authentication cookies for users in other tenants.
Because the Auto-Login feature is enabled by default, this flaw may allow an attacker to gain unauthorized access and potentially take over accounts in other tenants. Successful exploitation requires access to Adaptive Authentication functionality, which is typically restricted to high-privileged users. The vulnerability is only exploitable when Auto-Login is enabled, reducing its practical impact in deployments where the feature is disabled.
Severity ?
6.8 (Medium)
CWE
- CWE-287 - Improper Authentication
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| WSO2 | WSO2 Open Banking IAM |
Affected:
2.0.0 , < 2.0.0.387
(custom)
|
||||||||||||
|
||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-0663",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-23T18:30:57.677681Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-287",
"description": "CWE-287 Improper Authentication",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-25T16:13:15.305Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "WSO2 Open Banking IAM",
"vendor": "WSO2",
"versions": [
{
"lessThan": "2.0.0.387",
"status": "affected",
"version": "2.0.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Identity Server as Key Manager",
"vendor": "WSO2",
"versions": [
{
"lessThan": "5.10.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "5.10.0.336",
"status": "affected",
"version": "5.10.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Identity Server",
"vendor": "WSO2",
"versions": [
{
"lessThan": "5.10.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "5.10.0.343",
"status": "affected",
"version": "5.10.0",
"versionType": "custom"
},
{
"lessThan": "5.11.0.392",
"status": "affected",
"version": "5.11.0",
"versionType": "custom"
},
{
"lessThan": "6.0.0.228",
"status": "affected",
"version": "6.0.0",
"versionType": "custom"
},
{
"lessThan": "6.1.0.220",
"status": "affected",
"version": "6.1.0",
"versionType": "custom"
},
{
"lessThan": "7.0.0.88",
"status": "affected",
"version": "7.0.0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A cross-tenant authentication vulnerability exists in multiple WSO2 products due to improper cryptographic design in Adaptive Authentication. A single cryptographic key is used across all tenants to sign authentication cookies, allowing a privileged user in one tenant to forge authentication cookies for users in other tenants.\u003cbr\u003e\u003cbr\u003eBecause the Auto-Login feature is enabled by default, this flaw may allow an attacker to gain unauthorized access and potentially take over accounts in other tenants. Successful exploitation requires access to Adaptive Authentication functionality, which is typically restricted to high-privileged users. The vulnerability is only exploitable when Auto-Login is enabled, reducing its practical impact in deployments where the feature is disabled.\u003cbr\u003e"
}
],
"value": "A cross-tenant authentication vulnerability exists in multiple WSO2 products due to improper cryptographic design in Adaptive Authentication. A single cryptographic key is used across all tenants to sign authentication cookies, allowing a privileged user in one tenant to forge authentication cookies for users in other tenants.\n\nBecause the Auto-Login feature is enabled by default, this flaw may allow an attacker to gain unauthorized access and potentially take over accounts in other tenants. Successful exploitation requires access to Adaptive Authentication functionality, which is typically restricted to high-privileged users. The vulnerability is only exploitable when Auto-Login is enabled, reducing its practical impact in deployments where the feature is disabled."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-23T16:58:06.589Z",
"orgId": "ed10eef1-636d-4fbe-9993-6890dfa878f8",
"shortName": "WSO2"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-3864/"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: transparent;\"\u003eFollow the instructions given on \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-3864/#solution\"\u003e\u003cspan style=\"background-color: transparent;\"\u003ehttps://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-3864/#solution\u003c/span\u003e\u003c/a\u003e \u003cbr\u003e"
}
],
"value": "Follow the instructions given on https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-3864/#solution https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-3864/#solution"
}
],
"source": {
"advisory": "WSO2-2025-3864",
"discovery": "INTERNAL"
},
"title": "Potential cross-tenant account takeover vulnerability in Multiple WSO2 Products via Adaptive Authentication and Auto-Login",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "ed10eef1-636d-4fbe-9993-6890dfa878f8",
"assignerShortName": "WSO2",
"cveId": "CVE-2025-0663",
"datePublished": "2025-09-23T16:58:06.589Z",
"dateReserved": "2025-01-23T06:40:05.025Z",
"dateUpdated": "2025-09-25T16:13:15.305Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-6429 (GCVE-0-2024-6429)
Vulnerability from cvelistv5 – Published: 2025-09-23 16:37 – Updated: 2025-09-25 16:14
VLAI?
Summary
A content spoofing vulnerability exists in multiple WSO2 products due to improper error message handling. Under certain conditions, error messages are passed through URL parameters without validation, allowing malicious actors to inject arbitrary content into the UI.
By exploiting this vulnerability, attackers can manipulate browser-displayed error messages, enabling social engineering attacks through deceptive or misleading content.
Severity ?
4.3 (Medium)
CWE
- CWE-451 - User Interface (UI) Misrepresentation of Critical Information
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| WSO2 | WSO2 Identity Server as Key Manager |
Affected:
5.10.0 , < 5.10.0.338
(custom)
|
||||||||||||
|
||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-6429",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-23T18:31:05.120276Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-451",
"description": "CWE-451 User Interface (UI) Misrepresentation of Critical Information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-25T16:14:02.884Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "WSO2 Identity Server as Key Manager",
"vendor": "WSO2",
"versions": [
{
"lessThan": "5.10.0.338",
"status": "affected",
"version": "5.10.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 API Manager",
"vendor": "WSO2",
"versions": [
{
"lessThan": "3.2.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "3.2.0.409",
"status": "affected",
"version": "3.2.0",
"versionType": "custom"
},
{
"lessThan": "3.2.1.33",
"status": "affected",
"version": "3.2.1",
"versionType": "custom"
},
{
"lessThan": "4.0.0.327",
"status": "affected",
"version": "4.0.0",
"versionType": "custom"
},
{
"lessThan": "4.1.0.188",
"status": "affected",
"version": "4.1.0",
"versionType": "custom"
},
{
"lessThan": "4.2.0.128",
"status": "affected",
"version": "4.2.0",
"versionType": "custom"
},
{
"lessThan": "4.3.0.38",
"status": "affected",
"version": "4.3.0",
"versionType": "custom"
},
{
"lessThan": "4.4.0.4",
"status": "affected",
"version": "4.4.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Identity Server",
"vendor": "WSO2",
"versions": [
{
"lessThan": "5.10.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "5.10.0.314",
"status": "affected",
"version": "5.10.0",
"versionType": "custom"
},
{
"lessThan": "5.11.0.359",
"status": "affected",
"version": "5.11.0",
"versionType": "custom"
},
{
"lessThan": "6.0.0.203",
"status": "affected",
"version": "6.0.0",
"versionType": "custom"
},
{
"lessThan": "6.1.0.176",
"status": "affected",
"version": "6.1.0",
"versionType": "custom"
},
{
"lessThan": "7.0.0.48",
"status": "affected",
"version": "7.0.0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A content spoofing vulnerability exists in multiple WSO2 products due to improper error message handling. Under certain conditions, error messages are passed through URL parameters without validation, allowing malicious actors to inject arbitrary content into the UI.\u003cbr\u003e\u003cbr\u003eBy exploiting this vulnerability, attackers can manipulate browser-displayed error messages, enabling social engineering attacks through deceptive or misleading content.\u003cbr\u003e"
}
],
"value": "A content spoofing vulnerability exists in multiple WSO2 products due to improper error message handling. Under certain conditions, error messages are passed through URL parameters without validation, allowing malicious actors to inject arbitrary content into the UI.\n\nBy exploiting this vulnerability, attackers can manipulate browser-displayed error messages, enabling social engineering attacks through deceptive or misleading content."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-23T16:37:58.340Z",
"orgId": "ed10eef1-636d-4fbe-9993-6890dfa878f8",
"shortName": "WSO2"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2024-3490/"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: transparent;\"\u003eFollow the instructions given on \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2024-3490/#solution\"\u003e\u003cspan style=\"background-color: transparent;\"\u003ehttps://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2024-3490/#solution\u003c/span\u003e\u003c/a\u003e \u003cbr\u003e"
}
],
"value": "Follow the instructions given on https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2024-3490/#solution https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2024-3490/#solution"
}
],
"source": {
"advisory": "WSO2-2024-3490",
"discovery": "INTERNAL"
},
"title": "Content Spoofing in Multiple WSO2 Products via Error Message Injection",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "ed10eef1-636d-4fbe-9993-6890dfa878f8",
"assignerShortName": "WSO2",
"cveId": "CVE-2024-6429",
"datePublished": "2025-09-23T16:37:58.340Z",
"dateReserved": "2024-07-01T12:48:38.456Z",
"dateUpdated": "2025-09-25T16:14:02.884Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-5717 (GCVE-0-2025-5717)
Vulnerability from cvelistv5 – Published: 2025-09-23 16:05 – Updated: 2025-10-31 15:06
VLAI?
Summary
An authenticated remote code execution (RCE) vulnerability exists in multiple WSO2 products due to improper input validation in the event processor admin service. A user with administrative access to the SOAP admin services can exploit this flaw by deploying a Siddhi execution plan containing malicious Java code, resulting in arbitrary code execution on the server.
Exploitation of this vulnerability requires a valid user account with administrative privileges, limiting the attack surface to authenticated but potentially malicious users.
Severity ?
6.8 (Medium)
CWE
- CWE-94 - Improper Control of Generation of Code ('Code Injection')
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| WSO2 | WSO2 API Manager |
Unknown:
0 , < 3.0.0
(custom)
Affected: 3.0.0 , < 3.0.0.174 (custom) Affected: 3.1.0 , < 3.1.0.330 (custom) Affected: 3.2.0 , < 3.2.0.426 (custom) Affected: 3.2.1 , < 3.2.1.46 (custom) Affected: 4.0.0 , < 4.0.0.344 (custom) Affected: 4.1.0 , < 4.1.0.208 (custom) Affected: 4.2.0 , < 4.2.0.147 (custom) Affected: 4.3.0 , < 4.3.0.59 (custom) Affected: 4.4.0 , < 4.4.0.22 (custom) Affected: 4.5.0 , < 4.5.0.6 (custom) |
||||||||||||||||||||||
|
||||||||||||||||||||||||
Credits
Noël MACCARY
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-5717",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-23T18:31:28.992929Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-23T18:37:55.308Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "WSO2 API Manager",
"vendor": "WSO2",
"versions": [
{
"lessThan": "3.0.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "3.0.0.174",
"status": "affected",
"version": "3.0.0",
"versionType": "custom"
},
{
"lessThan": "3.1.0.330",
"status": "affected",
"version": "3.1.0",
"versionType": "custom"
},
{
"lessThan": "3.2.0.426",
"status": "affected",
"version": "3.2.0",
"versionType": "custom"
},
{
"lessThan": "3.2.1.46",
"status": "affected",
"version": "3.2.1",
"versionType": "custom"
},
{
"lessThan": "4.0.0.344",
"status": "affected",
"version": "4.0.0",
"versionType": "custom"
},
{
"lessThan": "4.1.0.208",
"status": "affected",
"version": "4.1.0",
"versionType": "custom"
},
{
"lessThan": "4.2.0.147",
"status": "affected",
"version": "4.2.0",
"versionType": "custom"
},
{
"lessThan": "4.3.0.59",
"status": "affected",
"version": "4.3.0",
"versionType": "custom"
},
{
"lessThan": "4.4.0.22",
"status": "affected",
"version": "4.4.0",
"versionType": "custom"
},
{
"lessThan": "4.5.0.6",
"status": "affected",
"version": "4.5.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Open Banking AM",
"vendor": "WSO2",
"versions": [
{
"lessThan": "2.0.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "2.0.0.379",
"status": "affected",
"version": "2.0.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Traffic Manager",
"vendor": "WSO2",
"versions": [
{
"lessThan": "4.5.0.6",
"status": "affected",
"version": "4.5.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 API Control Plane",
"vendor": "WSO2",
"versions": [
{
"lessThan": "4.5.0.6",
"status": "affected",
"version": "4.5.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"packageName": "org.wso2.siddhi:siddhi-extension-eval-scriptApache",
"product": "Siddhi Extension Evaluate Scripts",
"vendor": "WSO2",
"versions": [
{
"lessThan": "3.2.6.8",
"status": "affected",
"version": "3.2.6",
"versionType": "custom"
},
{
"lessThan": "3.2.7.6",
"status": "affected",
"version": "3.2.7",
"versionType": "custom"
},
{
"lessThan": "3.2.8.3",
"status": "affected",
"version": "3.2.8",
"versionType": "custom"
},
{
"lessThan": "3.2.10.1",
"status": "affected",
"version": "3.2.10",
"versionType": "custom"
},
{
"lessThan": "3.2.13.2",
"status": "affected",
"version": "3.2.13",
"versionType": "custom"
},
{
"lessThan": "3.2.14.1",
"status": "affected",
"version": "3.2.14",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "3.2.15",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "No\u00ebl MACCARY"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An authenticated remote code execution (RCE) vulnerability exists in multiple WSO2 products due to improper input validation in the event processor admin service. A user with administrative access to the SOAP admin services can exploit this flaw by deploying a Siddhi execution plan containing malicious Java code, resulting in arbitrary code execution on the server.\u003cbr\u003e\u003cbr\u003eExploitation of this vulnerability requires a valid user account with administrative privileges, limiting the attack surface to authenticated but potentially malicious users.\u003cbr\u003e"
}
],
"value": "An authenticated remote code execution (RCE) vulnerability exists in multiple WSO2 products due to improper input validation in the event processor admin service. A user with administrative access to the SOAP admin services can exploit this flaw by deploying a Siddhi execution plan containing malicious Java code, resulting in arbitrary code execution on the server.\n\nExploitation of this vulnerability requires a valid user account with administrative privileges, limiting the attack surface to authenticated but potentially malicious users."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-94",
"description": "CWE-94 Improper Control of Generation of Code (\u0027Code Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-31T15:06:22.088Z",
"orgId": "ed10eef1-636d-4fbe-9993-6890dfa878f8",
"shortName": "WSO2"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-4119/"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: transparent;\"\u003eFollow the instructions given on \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-4119/#solution\"\u003e\u003cspan style=\"background-color: transparent;\"\u003ehttps://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-4119/#solution\u003c/span\u003e\u003c/a\u003e \u003cbr\u003e"
}
],
"value": "Follow the instructions given on https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-4119/#solution https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-4119/#solution"
}
],
"source": {
"advisory": "WSO2-2025-4119",
"discovery": "EXTERNAL"
},
"title": "Authenticated Remote Code Execution in Multiple WSO2 Products via Event Processor Admin Service",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "ed10eef1-636d-4fbe-9993-6890dfa878f8",
"assignerShortName": "WSO2",
"cveId": "CVE-2025-5717",
"datePublished": "2025-09-23T16:05:19.923Z",
"dateReserved": "2025-06-05T06:06:53.039Z",
"dateUpdated": "2025-10-31T15:06:22.088Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-4760 (GCVE-0-2025-4760)
Vulnerability from cvelistv5 – Published: 2025-09-23 14:55 – Updated: 2025-09-23 19:58
VLAI?
Summary
An authenticated stored cross-site scripting (XSS) vulnerability exists in multiple WSO2 products due to improper validation of user-supplied input during API document upload in the Publisher portal. A user with publisher privileges can upload a crafted API document containing malicious JavaScript, which is later rendered in the browser when accessed by other users.
A successful attack could result in redirection to malicious websites, unauthorized UI modifications, or exfiltration of browser-accessible data. However, session-related sensitive cookies are protected by the httpOnly flag, preventing session hijacking.
Severity ?
4.8 (Medium)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| WSO2 | WSO2 API Manager |
Unknown:
0 , < 3.2.0
(custom)
Affected: 3.2.0 , < 3.2.0.428 (custom) Affected: 3.2.1 , < 3.2.1.48 (custom) Affected: 4.1.0 , < 4.1.0.209 (custom) Affected: 4.2.0 , < 4.2.0.145 (custom) Affected: 4.3.0 , < 4.3.0.60 (custom) Affected: 4.4.0 , < 4.4.0.23 (custom) Affected: 4.5.0 , < 4.5.0.7 (custom) |
||||||||||||||||||||||
|
||||||||||||||||||||||||
Credits
Phạm Hồ Anh Dũng
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-4760",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-23T19:58:20.115874Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-23T19:58:26.062Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "WSO2 API Manager",
"vendor": "WSO2",
"versions": [
{
"lessThan": "3.2.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "3.2.0.428",
"status": "affected",
"version": "3.2.0",
"versionType": "custom"
},
{
"lessThan": "3.2.1.48",
"status": "affected",
"version": "3.2.1",
"versionType": "custom"
},
{
"lessThan": "4.1.0.209",
"status": "affected",
"version": "4.1.0",
"versionType": "custom"
},
{
"lessThan": "4.2.0.145",
"status": "affected",
"version": "4.2.0",
"versionType": "custom"
},
{
"lessThan": "4.3.0.60",
"status": "affected",
"version": "4.3.0",
"versionType": "custom"
},
{
"lessThan": "4.4.0.23",
"status": "affected",
"version": "4.4.0",
"versionType": "custom"
},
{
"lessThan": "4.5.0.7",
"status": "affected",
"version": "4.5.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 API Control Plane",
"vendor": "WSO2",
"versions": [
{
"lessThan": "4.5.0.8",
"status": "affected",
"version": "4.5.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Universal Gateway",
"vendor": "WSO2",
"versions": [
{
"lessThan": "4.5.0.7",
"status": "affected",
"version": "4.5.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Traffic Manager",
"vendor": "WSO2",
"versions": [
{
"lessThan": "4.5.0.7",
"status": "affected",
"version": "4.5.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"packageName": "org.wso2.carbon.apimgt:org.wso2.carbon.apimgt.api",
"product": "WSO2 Carbon API Management API",
"vendor": "WSO2",
"versions": [
{
"lessThan": "6.7.206.559",
"status": "affected",
"version": "6.7.206",
"versionType": "custom"
},
{
"lessThan": "6.7.210.48",
"status": "affected",
"version": "6.7.210",
"versionType": "custom"
},
{
"lessThan": "9.20.74.365",
"status": "affected",
"version": "9.20.74",
"versionType": "custom"
},
{
"lessThan": "9.28.116.321",
"status": "affected",
"version": "9.28.116",
"versionType": "custom"
},
{
"lessThan": "9.29.120.163",
"status": "affected",
"version": "9.29.120",
"versionType": "custom"
},
{
"lessThan": "9.30.67.80",
"status": "affected",
"version": "9.30.67",
"versionType": "custom"
},
{
"lessThan": "9.31.86.30",
"status": "affected",
"version": "9.31.86",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "9.31.117",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Ph\u1ea1m H\u1ed3 Anh D\u0169ng"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An authenticated stored cross-site scripting (XSS) vulnerability exists in multiple WSO2 products due to improper validation of user-supplied input during API document upload in the Publisher portal. A user with publisher privileges can upload a crafted API document containing malicious JavaScript, which is later rendered in the browser when accessed by other users.\u003cbr\u003e\u003cbr\u003eA successful attack could result in redirection to malicious websites, unauthorized UI modifications, or exfiltration of browser-accessible data. However, session-related sensitive cookies are protected by the httpOnly flag, preventing session hijacking.\u003cbr\u003e"
}
],
"value": "An authenticated stored cross-site scripting (XSS) vulnerability exists in multiple WSO2 products due to improper validation of user-supplied input during API document upload in the Publisher portal. A user with publisher privileges can upload a crafted API document containing malicious JavaScript, which is later rendered in the browser when accessed by other users.\n\nA successful attack could result in redirection to malicious websites, unauthorized UI modifications, or exfiltration of browser-accessible data. However, session-related sensitive cookies are protected by the httpOnly flag, preventing session hijacking."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or \u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-23T14:55:04.917Z",
"orgId": "ed10eef1-636d-4fbe-9993-6890dfa878f8",
"shortName": "WSO2"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-4104/"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: transparent;\"\u003eFollow the instructions given on \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-4104/#solution\"\u003e\u003cspan style=\"background-color: transparent;\"\u003ehttps://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-4104/#solution\u003c/span\u003e\u003c/a\u003e \u003cbr\u003e"
}
],
"value": "Follow the instructions given on https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-4104/#solution https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-4104/#solution"
}
],
"source": {
"advisory": "WSO2-2025-4104",
"discovery": "EXTERNAL"
},
"title": "Authenticated Stored Cross-Site Scripting (XSS) in Multiple WSO2 Products via API Document Upload in Publisher",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "ed10eef1-636d-4fbe-9993-6890dfa878f8",
"assignerShortName": "WSO2",
"cveId": "CVE-2025-4760",
"datePublished": "2025-09-23T14:55:04.917Z",
"dateReserved": "2025-05-15T10:20:31.569Z",
"dateUpdated": "2025-09-23T19:58:26.062Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-4598 (GCVE-0-2024-4598)
Vulnerability from cvelistv5 – Published: 2025-09-23 10:39 – Updated: 2025-09-23 19:35
VLAI?
Summary
An information disclosure vulnerability exists in multiple WSO2 products due to improper implementation of the enrich mediator. Authenticated users may be able to view unintended business data from other mediation contexts because the internal state is not properly isolated or cleared between executions.
This vulnerability does not impact user credentials or access tokens but may lead to leakage of sensitive business information handled during message flows.
Severity ?
6.5 (Medium)
CWE
- CWE-1259 - Improper Restriction of Security Token Assignment
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| WSO2 | WSO2 API Manager |
Unknown:
0 , < 3.2.0
(custom)
Affected: 3.2.0 , < 3.2.0.422 (custom) Affected: 3.2.1 , < 3.2.1.42 (custom) Affected: 4.1.0 , < 4.1.0.152 (custom) Affected: 4.3.0 , < 4.3.0.55 (custom) |
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-4598",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-23T19:35:13.107728Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1259",
"description": "CWE-1259 Improper Restriction of Security Token Assignment",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-23T19:35:33.987Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "WSO2 API Manager",
"vendor": "WSO2",
"versions": [
{
"lessThan": "3.2.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "3.2.0.422",
"status": "affected",
"version": "3.2.0",
"versionType": "custom"
},
{
"lessThan": "3.2.1.42",
"status": "affected",
"version": "3.2.1",
"versionType": "custom"
},
{
"lessThan": "4.1.0.152",
"status": "affected",
"version": "4.1.0",
"versionType": "custom"
},
{
"lessThan": "4.3.0.55",
"status": "affected",
"version": "4.3.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Micro Integrator",
"vendor": "WSO2",
"versions": [
{
"lessThan": "1.2.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "1.2.0.157",
"status": "affected",
"version": "1.2.0",
"versionType": "custom"
},
{
"lessThan": "4.1.0.95",
"status": "affected",
"version": "4.1.0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An information disclosure vulnerability exists in multiple WSO2 products due to improper implementation of the enrich mediator. Authenticated users may be able to view unintended business data from other mediation contexts because the internal state is not properly isolated or cleared between executions.\u003cbr\u003e\u003cbr\u003eThis vulnerability does not impact user credentials or access tokens but may lead to leakage of sensitive business information handled during message flows."
}
],
"value": "An information disclosure vulnerability exists in multiple WSO2 products due to improper implementation of the enrich mediator. Authenticated users may be able to view unintended business data from other mediation contexts because the internal state is not properly isolated or cleared between executions.\n\nThis vulnerability does not impact user credentials or access tokens but may lead to leakage of sensitive business information handled during message flows."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-23T10:39:16.195Z",
"orgId": "ed10eef1-636d-4fbe-9993-6890dfa878f8",
"shortName": "WSO2"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2024-3355/"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: transparent;\"\u003eFollow the instructions given on \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2024-3355/#solution\"\u003e\u003cspan style=\"background-color: transparent;\"\u003ehttps://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2024-3355/#solution\u003c/span\u003e\u003c/a\u003e \u003cbr\u003e"
}
],
"value": "Follow the instructions given on https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2024-3355/#solution https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2024-3355/#solution"
}
],
"source": {
"advisory": "WSO2-2024-3355",
"discovery": "INTERNAL"
},
"title": "Information Disclosure in Multiple WSO2 Products Due to Improper Handling in Enrich Mediator",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "ed10eef1-636d-4fbe-9993-6890dfa878f8",
"assignerShortName": "WSO2",
"cveId": "CVE-2024-4598",
"datePublished": "2025-09-23T10:39:16.195Z",
"dateReserved": "2024-05-07T06:40:12.013Z",
"dateUpdated": "2025-09-23T19:35:33.987Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-3511 (GCVE-0-2024-3511)
Vulnerability from cvelistv5 – Published: 2025-06-23 08:47 – Updated: 2025-06-23 12:43
VLAI?
Summary
An incorrect authorization vulnerability exists in multiple WSO2 products that allows unauthorized access to versioned files stored in the registry. Due to flawed authorization logic, a malicious actor with access to the management console can exploit a specific bypass method to retrieve versioned files without proper authorization.
Successful exploitation of this vulnerability could lead to unauthorized disclosure of configuration or resource files that may be stored as registry versions, potentially aiding further attacks or system reconnaissance.
Severity ?
4.3 (Medium)
CWE
- CWE-863 - Incorrect Authorization
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| WSO2 | WSO2 Enterprise Integrator |
Unknown:
0 , < 6.6.0
(custom)
Affected: 6.6.0 , < 6.6.0.205 (custom) |
||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||
Credits
Viral Maniar - Security Researcher at Preemptive Cyber Security Pty Ltd
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-3511",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-23T12:38:22.864048Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-23T12:43:45.452Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "WSO2 Enterprise Integrator",
"vendor": "WSO2",
"versions": [
{
"lessThan": "6.6.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "6.6.0.205",
"status": "affected",
"version": "6.6.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 API Manager",
"vendor": "WSO2",
"versions": [
{
"lessThan": "3.1.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "3.1.0.273",
"status": "affected",
"version": "3.1.0",
"versionType": "custom"
},
{
"lessThan": "3.2.0.361",
"status": "affected",
"version": "3.2.0",
"versionType": "custom"
},
{
"lessThan": "3.2.1.13",
"status": "affected",
"version": "3.2.1",
"versionType": "custom"
},
{
"lessThan": "4.0.0.306",
"status": "affected",
"version": "4.0.0",
"versionType": "custom"
},
{
"lessThan": "4.1.0.163",
"status": "affected",
"version": "4.1.0",
"versionType": "custom"
},
{
"lessThan": "4.2.0.98",
"status": "affected",
"version": "4.2.0",
"versionType": "custom"
},
{
"lessThan": "4.3.0.17",
"status": "affected",
"version": "4.3.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Identity Server as Key Manager",
"vendor": "WSO2",
"versions": [
{
"lessThan": "5.10.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "5.10.0.289",
"status": "affected",
"version": "5.10.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Identity Server",
"vendor": "WSO2",
"versions": [
{
"lessThan": "5.10.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "5.10.0.292",
"status": "affected",
"version": "5.10.0",
"versionType": "custom"
},
{
"lessThan": "5.11.0.333",
"status": "affected",
"version": "5.11.0",
"versionType": "custom"
},
{
"lessThan": "6.0.0.180",
"status": "affected",
"version": "6.0.0",
"versionType": "custom"
},
{
"lessThan": "6.1.0.141",
"status": "affected",
"version": "6.1.0",
"versionType": "custom"
},
{
"lessThan": "7.0.0.8",
"status": "affected",
"version": "7.0.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Open Banking AM",
"vendor": "WSO2",
"versions": [
{
"lessThan": "2.0.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "2.0.0.320",
"status": "affected",
"version": "2.0.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Open Banking IAM",
"vendor": "WSO2",
"versions": [
{
"lessThan": "2.0.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "2.0.0.341",
"status": "affected",
"version": "2.0.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"packageName": "org.wso2.carbon:org.wso2.carbon.user.core",
"product": "WSO2 Carbon User Manager Kernel",
"vendor": "WSO2",
"versions": [
{
"lessThan": "4.5.0.5",
"status": "affected",
"version": "4.5.0",
"versionType": "custom"
},
{
"lessThan": "4.5.3.35",
"status": "affected",
"version": "4.5.3",
"versionType": "custom"
},
{
"lessThan": "4.6.0.140",
"status": "affected",
"version": "4.6.0",
"versionType": "custom"
},
{
"lessThan": "4.6.1.107",
"status": "affected",
"version": "4.6.1",
"versionType": "custom"
},
{
"lessThan": "4.6.2.323",
"status": "affected",
"version": "4.6.2",
"versionType": "custom"
},
{
"lessThan": "4.6.3.18",
"status": "affected",
"version": "4.6.3",
"versionType": "custom"
},
{
"lessThan": "4.6.4.3",
"status": "affected",
"version": "4.6.4",
"versionType": "custom"
},
{
"lessThan": "4.7.1.47",
"status": "affected",
"version": "4.7.1",
"versionType": "custom"
},
{
"lessThan": "4.8.1.19",
"status": "affected",
"version": "4.8.1",
"versionType": "custom"
},
{
"lessThan": "4.9.0.52",
"status": "affected",
"version": "4.9.0",
"versionType": "custom"
},
{
"lessThan": "4.9.26.10",
"status": "affected",
"version": "4.9.26",
"versionType": "custom"
},
{
"lessThan": "4.10.9.8",
"status": "affected",
"version": "4.10.9",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "4.10.13",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Viral Maniar - Security Researcher at Preemptive Cyber Security Pty Ltd"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An incorrect authorization vulnerability exists in multiple WSO2 products that allows unauthorized access to versioned files stored in the registry. Due to flawed authorization logic, a malicious actor with access to the management console can exploit a specific bypass method to retrieve versioned files without proper authorization.\u003cbr\u003e\u003cbr\u003eSuccessful exploitation of this vulnerability could lead to unauthorized disclosure of configuration or resource files that may be stored as registry versions, potentially aiding further attacks or system reconnaissance.\u003cbr\u003e"
}
],
"value": "An incorrect authorization vulnerability exists in multiple WSO2 products that allows unauthorized access to versioned files stored in the registry. Due to flawed authorization logic, a malicious actor with access to the management console can exploit a specific bypass method to retrieve versioned files without proper authorization.\n\nSuccessful exploitation of this vulnerability could lead to unauthorized disclosure of configuration or resource files that may be stored as registry versions, potentially aiding further attacks or system reconnaissance."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-863",
"description": "CWE-863 Incorrect Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-23T08:47:55.266Z",
"orgId": "ed10eef1-636d-4fbe-9993-6890dfa878f8",
"shortName": "WSO2"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2024-2702/"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: transparent;\"\u003eFollow the instructions given on \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2024-2702/#solution\"\u003e\u003cspan style=\"background-color: transparent;\"\u003ehttps://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2024-2702/#solution\u003c/span\u003e\u003c/a\u003e \u003cbr\u003e"
}
],
"value": "Follow the instructions given on https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2024-2702/#solution https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2024-2702/#solution"
}
],
"source": {
"advisory": "WSO2-2024-2702",
"discovery": "EXTERNAL"
},
"title": "Incorrect Authorization in Multiple WSO2 Products Allows Unauthorized Access to Registry Versioned Files",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "ed10eef1-636d-4fbe-9993-6890dfa878f8",
"assignerShortName": "WSO2",
"cveId": "CVE-2024-3511",
"datePublished": "2025-06-23T08:47:55.266Z",
"dateReserved": "2024-04-09T12:08:02.707Z",
"dateUpdated": "2025-06-23T12:43:45.452Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-1440 (GCVE-0-2024-1440)
Vulnerability from cvelistv5 – Published: 2025-06-02 16:51 – Updated: 2025-06-02 17:07
VLAI?
Summary
An open redirection vulnerability exists in multiple WSO2 products due to improper validation of the multi-option URL in the authentication endpoint when multi-option authentication is enabled. A malicious actor can craft a valid link that redirects users to an attacker-controlled site.
By exploiting this vulnerability, an attacker may trick users into visiting a malicious page, enabling phishing attacks to harvest sensitive information or perform other harmful actions.
Severity ?
5.4 (Medium)
CWE
- CWE-601 - URL Redirection to Untrusted Site ('Open Redirect')
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| WSO2 | WSO2 Identity Server |
Unknown:
0 , < 5.10.0
(custom)
Affected: 5.10.0 , < 5.10.0.278 (custom) Affected: 5.11.0 , < 5.11.0.347 (custom) Affected: 6.0.0 , < 6.0.0.185 (custom) Affected: 6.1.0 , < 6.1.0.145 (custom) Affected: 7.0.0 , < 7.0.0.30 (custom) |
|||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-1440",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-02T17:06:49.114728Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-02T17:07:01.605Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "WSO2 Identity Server",
"vendor": "WSO2",
"versions": [
{
"lessThan": "5.10.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "5.10.0.278",
"status": "affected",
"version": "5.10.0",
"versionType": "custom"
},
{
"lessThan": "5.11.0.347",
"status": "affected",
"version": "5.11.0",
"versionType": "custom"
},
{
"lessThan": "6.0.0.185",
"status": "affected",
"version": "6.0.0",
"versionType": "custom"
},
{
"lessThan": "6.1.0.145",
"status": "affected",
"version": "6.1.0",
"versionType": "custom"
},
{
"lessThan": "7.0.0.30",
"status": "affected",
"version": "7.0.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 API Manager",
"vendor": "WSO2",
"versions": [
{
"lessThan": "3.1.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "3.1.0.262",
"status": "affected",
"version": "3.1.0",
"versionType": "custom"
},
{
"lessThan": "3.2.0.344",
"status": "affected",
"version": "3.2.0",
"versionType": "custom"
},
{
"lessThan": "4.0.0.296",
"status": "affected",
"version": "4.0.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Identity Server as Key Manager",
"vendor": "WSO2",
"versions": [
{
"lessThan": "5.10.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "5.10.0.298",
"status": "affected",
"version": "5.10.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Open Banking AM",
"vendor": "WSO2",
"versions": [
{
"lessThan": "2.0.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "2.0.0.308",
"status": "affected",
"version": "2.0.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Open Banking IAM",
"vendor": "WSO2",
"versions": [
{
"lessThan": "2.0.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "2.0.0.327",
"status": "affected",
"version": "2.0.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"packageName": "org.wso2.carbon.identity.framework:org.wso2.carbon.identity.application.authentication.endpoint.util",
"product": "WSO2 Carbon Identity Application Authentication Endpoint(Utils)",
"vendor": "WSO2",
"versions": [
{
"lessThan": "5.17.5.256",
"status": "affected",
"version": "5.17.5",
"versionType": "custom"
},
{
"lessThan": "5.18.187.257",
"status": "affected",
"version": "5.18.187",
"versionType": "custom"
},
{
"lessThan": "5.23.8.174",
"status": "affected",
"version": "5.23.8",
"versionType": "custom"
},
{
"lessThan": "5.25.92.77",
"status": "affected",
"version": "5.25.92",
"versionType": "custom"
},
{
"lessThan": "7.0.78.18",
"status": "affected",
"version": "7.0.78",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "7.0.111",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An open redirection vulnerability exists in multiple WSO2 products due to improper validation of the multi-option URL in the authentication endpoint when multi-option authentication is enabled. A malicious actor can craft a valid link that redirects users to an attacker-controlled site.\u003cbr\u003e\u003cbr\u003eBy exploiting this vulnerability, an attacker may trick users into visiting a malicious page, enabling phishing attacks to harvest sensitive information or perform other harmful actions.\u003cbr\u003e"
}
],
"value": "An open redirection vulnerability exists in multiple WSO2 products due to improper validation of the multi-option URL in the authentication endpoint when multi-option authentication is enabled. A malicious actor can craft a valid link that redirects users to an attacker-controlled site.\n\nBy exploiting this vulnerability, an attacker may trick users into visiting a malicious page, enabling phishing attacks to harvest sensitive information or perform other harmful actions."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-601",
"description": "CWE-601 URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-02T16:51:16.948Z",
"orgId": "ed10eef1-636d-4fbe-9993-6890dfa878f8",
"shortName": "WSO2"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2024/WSO2-2024-3171/"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Follow the instructions given on \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2024/WSO2-2024-3171/#solution\"\u003ehttps://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2024/WSO2-2024-3...\u003c/a\u003e"
}
],
"value": "Follow the instructions given on https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2024/WSO2-2024-3... https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2024/WSO2-2024-3171/#solution"
}
],
"source": {
"advisory": "WSO2-2024-3171",
"discovery": "INTERNAL"
},
"title": "Open Redirection in Multiple WSO2 Products via Multi-Option Authentication Endpoint",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "ed10eef1-636d-4fbe-9993-6890dfa878f8",
"assignerShortName": "WSO2",
"cveId": "CVE-2024-1440",
"datePublished": "2025-06-02T16:51:16.948Z",
"dateReserved": "2024-02-12T09:53:51.193Z",
"dateUpdated": "2025-06-02T17:07:01.605Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-8008 (GCVE-0-2024-8008)
Vulnerability from cvelistv5 – Published: 2025-06-02 16:48 – Updated: 2025-10-21 05:53
VLAI?
Summary
A reflected cross-site scripting (XSS) vulnerability exists in multiple WSO2 products due to insufficient output encoding in error messages generated by the JDBC user store connection validation request. A malicious actor can inject a specially crafted payload into the request, causing the browser to execute arbitrary JavaScript in the context of the vulnerable page.
This vulnerability may allow UI manipulation, redirection to malicious websites, or data exfiltration from the browser. However, since all session-related sensitive cookies are protected with the httpOnly flag, session hijacking is not possible.
Severity ?
5.2 (Medium)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| WSO2 | WSO2 Enterprise Integrator |
Unknown:
0 , < 6.6.0
(custom)
Affected: 6.6.0 , < 6.6.0.211 (custom) |
|||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-8008",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-02T17:05:11.526830Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-02T17:05:24.975Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "WSO2 Enterprise Integrator",
"vendor": "WSO2",
"versions": [
{
"lessThan": "6.6.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "6.6.0.211",
"status": "affected",
"version": "6.6.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 API Manager",
"vendor": "WSO2",
"versions": [
{
"lessThan": "3.1.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "3.1.0.305",
"status": "affected",
"version": "3.1.0",
"versionType": "custom"
},
{
"lessThan": "3.2.0.396",
"status": "affected",
"version": "3.2.0",
"versionType": "custom"
},
{
"lessThan": "3.2.1.28",
"status": "affected",
"version": "3.2.1",
"versionType": "custom"
},
{
"lessThan": "4.0.0.313",
"status": "affected",
"version": "4.0.0",
"versionType": "custom"
},
{
"lessThan": "4.1.0.182",
"status": "affected",
"version": "4.1.0",
"versionType": "custom"
},
{
"lessThan": "4.2.0.121",
"status": "affected",
"version": "4.2.0",
"versionType": "custom"
},
{
"lessThan": "4.3.0.32",
"status": "affected",
"version": "4.3.0",
"versionType": "custom"
},
{
"lessThan": "4.4.0.1",
"status": "affected",
"version": "4.4.0",
"versionType": "custom"
},
{
"lessThan": "4.5.0.16",
"status": "affected",
"version": "4.5.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Identity Server as Key Manager",
"vendor": "WSO2",
"versions": [
{
"lessThan": "5.10.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "5.10.0.321",
"status": "affected",
"version": "5.10.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Identity Server",
"vendor": "WSO2",
"versions": [
{
"lessThan": "5.10.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "5.10.0.328",
"status": "affected",
"version": "5.10.0",
"versionType": "custom"
},
{
"lessThan": "5.11.0.374",
"status": "affected",
"version": "5.11.0",
"versionType": "custom"
},
{
"lessThan": "6.0.0.216",
"status": "affected",
"version": "6.0.0",
"versionType": "custom"
},
{
"lessThan": "6.1.0.201",
"status": "affected",
"version": "6.1.0",
"versionType": "custom"
},
{
"lessThan": "7.0.0.69",
"status": "affected",
"version": "7.0.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Open Banking IAM",
"vendor": "WSO2",
"versions": [
{
"lessThan": "2.0.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "2.0.0.374",
"status": "affected",
"version": "2.0.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Open Banking AM",
"vendor": "WSO2",
"versions": [
{
"lessThan": "2.0.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "2.0.0.354",
"status": "affected",
"version": "2.0.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Traffic Manager",
"vendor": "WSO2",
"versions": [
{
"lessThan": "4.5.0.16",
"status": "affected",
"version": "4.5.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 API Control Plane",
"vendor": "WSO2",
"versions": [
{
"lessThan": "4.5.0.17",
"status": "affected",
"version": "4.5.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Universal Gateway",
"vendor": "WSO2",
"versions": [
{
"lessThan": "4.5.0.16",
"status": "affected",
"version": "4.5.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"packageName": "org.wso2.carbon.identity.framework:org.wso2.carbon.identity.user.store.configuration.ui",
"product": "WSO2 Carbon Identity User Store Configuration UI",
"vendor": "WSO2",
"versions": [
{
"lessThan": "5.14.127.9",
"status": "affected",
"version": "5.14.127",
"versionType": "custom"
},
{
"lessThan": "5.17.5.289",
"status": "affected",
"version": "5.17.5",
"versionType": "custom"
},
{
"lessThan": "5.17.118.10",
"status": "affected",
"version": "5.17.118",
"versionType": "custom"
},
{
"lessThan": "5.18.187.276",
"status": "affected",
"version": "5.18.187",
"versionType": "custom"
},
{
"lessThan": "5.18.248.22",
"status": "affected",
"version": "5.18.248",
"versionType": "custom"
},
{
"lessThan": "5.23.8.193",
"status": "affected",
"version": "5.23.8",
"versionType": "custom"
},
{
"lessThan": "5.24.8.11",
"status": "affected",
"version": "5.24.8",
"versionType": "custom"
},
{
"lessThan": "5.25.92.104",
"status": "affected",
"version": "5.25.92",
"versionType": "custom"
},
{
"lessThan": "5.25.705.10",
"status": "affected",
"version": "5.25.705",
"versionType": "custom"
},
{
"lessThan": "5.25.713.1",
"status": "affected",
"version": "5.25.713",
"versionType": "custom"
},
{
"lessThan": "5.25.724.1",
"status": "affected",
"version": "5.25.724",
"versionType": "custom"
},
{
"lessThan": "7.0.78.46",
"status": "affected",
"version": "7.0.78",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "7.5.12",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A reflected cross-site scripting (XSS) vulnerability exists in multiple WSO2 products due to insufficient output encoding in error messages generated by the JDBC user store connection validation request. A malicious actor can inject a specially crafted payload into the request, causing the browser to execute arbitrary JavaScript in the context of the vulnerable page.\u003cbr\u003e\u003cbr\u003eThis vulnerability may allow UI manipulation, redirection to malicious websites, or data exfiltration from the browser. However, since all session-related sensitive cookies are protected with the httpOnly flag, session hijacking is not possible."
}
],
"value": "A reflected cross-site scripting (XSS) vulnerability exists in multiple WSO2 products due to insufficient output encoding in error messages generated by the JDBC user store connection validation request. A malicious actor can inject a specially crafted payload into the request, causing the browser to execute arbitrary JavaScript in the context of the vulnerable page.\n\nThis vulnerability may allow UI manipulation, redirection to malicious websites, or data exfiltration from the browser. However, since all session-related sensitive cookies are protected with the httpOnly flag, session hijacking is not possible."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or \u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-21T05:53:02.275Z",
"orgId": "ed10eef1-636d-4fbe-9993-6890dfa878f8",
"shortName": "WSO2"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2024-3178/"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: transparent;\"\u003eFollow the instructions given on \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2024-3178/#solution\"\u003e\u003cspan style=\"background-color: transparent;\"\u003ehttps://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2024-3178/#solution\u003c/span\u003e\u003c/a\u003e \u003cbr\u003e"
}
],
"value": "Follow the instructions given on https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2024-3178/#solution https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2024-3178/#solution"
}
],
"source": {
"advisory": "WSO2-2024-3178",
"discovery": "INTERNAL"
},
"title": "Reflected Cross-Site Scripting (XSS) in Multiple WSO2 Products via JDBC User Store Connection Validation",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "ed10eef1-636d-4fbe-9993-6890dfa878f8",
"assignerShortName": "WSO2",
"cveId": "CVE-2024-8008",
"datePublished": "2025-06-02T16:48:12.479Z",
"dateReserved": "2024-08-20T11:32:44.245Z",
"dateUpdated": "2025-10-21T05:53:02.275Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-3509 (GCVE-0-2024-3509)
Vulnerability from cvelistv5 – Published: 2025-06-02 16:44 – Updated: 2025-06-02 17:05
VLAI?
Summary
A stored cross-site scripting (XSS) vulnerability exists in the Management Console of multiple WSO2 products due to insufficient input validation in the Rich Text Editor within the registry section.
To exploit this vulnerability, a malicious actor must have a valid user account with administrative access to the Management Console. If successful, the actor could inject persistent JavaScript payloads, enabling the theft of user data or execution of unauthorized actions on behalf of other users.
While this issue enables persistent client-side script execution, session-related cookies remain protected with the httpOnly flag, preventing session hijacking.
Severity ?
4.3 (Medium)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| WSO2 | WSO2 Enterprise Integrator |
Unknown:
0 , < 6.6.0
(custom)
Affected: 6.6.0 , < 6.6.0.202 (custom) |
||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-3509",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-02T17:04:57.624046Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-02T17:05:38.912Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "WSO2 Enterprise Integrator",
"vendor": "WSO2",
"versions": [
{
"lessThan": "6.6.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "6.6.0.202",
"status": "affected",
"version": "6.6.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 API Manager",
"vendor": "WSO2",
"versions": [
{
"lessThan": "3.1.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "3.1.0.275",
"status": "affected",
"version": "3.1.0",
"versionType": "custom"
},
{
"lessThan": "3.2.0.392",
"status": "affected",
"version": "3.2.0",
"versionType": "custom"
},
{
"lessThan": "3.2.1.19",
"status": "affected",
"version": "3.2.1",
"versionType": "custom"
},
{
"lessThan": "4.0.0.308",
"status": "affected",
"version": "4.0.0",
"versionType": "custom"
},
{
"lessThan": "4.1.0.171",
"status": "affected",
"version": "4.1.0",
"versionType": "custom"
},
{
"lessThan": "4.2.0.107",
"status": "affected",
"version": "4.2.0",
"versionType": "custom"
},
{
"lessThan": "4.3.0.21",
"status": "affected",
"version": "4.3.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Open Banking AM",
"vendor": "WSO2",
"versions": [
{
"lessThan": "2.0.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "2.0.0.325",
"status": "affected",
"version": "2.0.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Open Banking IAM",
"vendor": "WSO2",
"versions": [
{
"lessThan": "2.0.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "2.0.0.345",
"status": "affected",
"version": "2.0.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Identity Server as Key Manager",
"vendor": "WSO2",
"versions": [
{
"lessThan": "5.10.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "5.10.0.292",
"status": "affected",
"version": "5.10.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Identity Server",
"vendor": "WSO2",
"versions": [
{
"lessThan": "5.10.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "5.10.0.296",
"status": "affected",
"version": "5.10.0",
"versionType": "custom"
},
{
"lessThan": "5.11.0.333",
"status": "affected",
"version": "5.11.0",
"versionType": "custom"
},
{
"lessThan": "6.0.0.181",
"status": "affected",
"version": "6.0.0",
"versionType": "custom"
},
{
"lessThan": "6.1.0.142",
"status": "affected",
"version": "6.1.0",
"versionType": "custom"
},
{
"lessThan": "7.0.0.9",
"status": "affected",
"version": "7.0.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"packageName": "org.wso2.carbon.registry:org.wso2.carbon.registry.resource.ui",
"product": "WSO2 Carbon Registry Resources UI",
"vendor": "WSO2",
"versions": [
{
"lessThan": "4.7.24.6",
"status": "affected",
"version": "4.7.24",
"versionType": "custom"
},
{
"lessThan": "4.7.32.10",
"status": "affected",
"version": "4.7.32",
"versionType": "custom"
},
{
"lessThan": "4.7.33.8",
"status": "affected",
"version": "4.7.33",
"versionType": "custom"
},
{
"lessThan": "4.7.35.8",
"status": "affected",
"version": "4.7.35",
"versionType": "custom"
},
{
"lessThan": "4.7.39.6",
"status": "affected",
"version": "4.7.39",
"versionType": "custom"
},
{
"lessThan": "4.7.51.2",
"status": "affected",
"version": "4.7.51",
"versionType": "custom"
},
{
"lessThan": "4.8.3.7",
"status": "affected",
"version": "4.8.3",
"versionType": "custom"
},
{
"lessThan": "4.8.9.3",
"status": "affected",
"version": "4.8.9",
"versionType": "custom"
},
{
"lessThan": "4.8.12.2",
"status": "affected",
"version": "4.8.12",
"versionType": "custom"
},
{
"lessThan": "4.8.13.4",
"status": "affected",
"version": "4.8.13",
"versionType": "custom"
},
{
"lessThan": "4.8.24.1",
"status": "affected",
"version": "4.8.24",
"versionType": "custom"
},
{
"lessThan": "4.8.32.2",
"status": "affected",
"version": "4.8.32",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "4.8.35",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A stored cross-site scripting (XSS) vulnerability exists in the Management Console of multiple WSO2 products due to insufficient input validation in the Rich Text Editor within the registry section.\u003cbr\u003eTo exploit this vulnerability, a malicious actor must have a valid user account with administrative access to the Management Console. If successful, the actor could inject persistent JavaScript payloads, enabling the theft of user data or execution of unauthorized actions on behalf of other users.\u003cbr\u003e\u003cbr\u003eWhile this issue enables persistent client-side script execution, session-related cookies remain protected with the httpOnly flag, preventing session hijacking."
}
],
"value": "A stored cross-site scripting (XSS) vulnerability exists in the Management Console of multiple WSO2 products due to insufficient input validation in the Rich Text Editor within the registry section.\nTo exploit this vulnerability, a malicious actor must have a valid user account with administrative access to the Management Console. If successful, the actor could inject persistent JavaScript payloads, enabling the theft of user data or execution of unauthorized actions on behalf of other users.\n\nWhile this issue enables persistent client-side script execution, session-related cookies remain protected with the httpOnly flag, preventing session hijacking."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or \u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-02T16:44:28.668Z",
"orgId": "ed10eef1-636d-4fbe-9993-6890dfa878f8",
"shortName": "WSO2"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2024/WSO2-2024-2701"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Follow the instructions given on \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2024/WSO2-2024-2701/#solution\"\u003ehttps://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2024/WSO2-2024-2...\u003c/a\u003e \u003cbr\u003e"
}
],
"value": "Follow the instructions given on https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2024/WSO2-2024-2... https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2024/WSO2-2024-2701/#solution"
}
],
"source": {
"advisory": "WSO2-2024-2701",
"discovery": "INTERNAL"
},
"title": "Stored Cross-Site Scripting (XSS) in Management Console of Multiple WSO2 Products via Rich Text Editor",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "ed10eef1-636d-4fbe-9993-6890dfa878f8",
"assignerShortName": "WSO2",
"cveId": "CVE-2024-3509",
"datePublished": "2025-06-02T16:44:28.668Z",
"dateReserved": "2024-04-09T12:00:11.641Z",
"dateUpdated": "2025-06-02T17:05:38.912Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-7074 (GCVE-0-2024-7074)
Vulnerability from cvelistv5 – Published: 2025-06-02 16:42 – Updated: 2025-06-02 17:05
VLAI?
Summary
An arbitrary file upload vulnerability exists in multiple WSO2 products due to improper validation of user input in SOAP admin services. A malicious actor with administrative privileges can upload an arbitrary file to a user-controlled location on the server.
By leveraging this vulnerability, an attacker could upload a specially crafted payload, potentially achieving remote code execution (RCE) on the server. Exploitation requires valid admin credentials, limiting its impact to authorized but potentially malicious users.
Severity ?
6.8 (Medium)
CWE
- CWE-434 - Unrestricted Upload of File with Dangerous Type
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| WSO2 | WSO2 Enterprise Integrator |
Unknown:
0 , < 6.0.0
(custom)
Affected: 6.0.0 , < 6.0.0.21 (custom) Affected: 6.1.0 , < 6.1.0.38 (custom) Affected: 6.1.1 , < 6.1.1.42 (custom) Affected: 6.2.0 , < 6.2.0.61 (custom) Affected: 6.3.0 , < 6.3.0.69 (custom) Affected: 6.4.0 , < 6.4.0.96 (custom) Affected: 6.5.0 , < 6.5.0.102 (custom) Affected: 6.6.0 , < 6.6.0.198 (custom) |
||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||
Credits
Anonymous working with Trend Micro Zero Day Initiative
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-7074",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-02T17:04:40.480620Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-02T17:05:49.920Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "WSO2 Enterprise Integrator",
"vendor": "WSO2",
"versions": [
{
"lessThan": "6.0.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "6.0.0.21",
"status": "affected",
"version": "6.0.0",
"versionType": "custom"
},
{
"lessThan": "6.1.0.38",
"status": "affected",
"version": "6.1.0",
"versionType": "custom"
},
{
"lessThan": "6.1.1.42",
"status": "affected",
"version": "6.1.1",
"versionType": "custom"
},
{
"lessThan": "6.2.0.61",
"status": "affected",
"version": "6.2.0",
"versionType": "custom"
},
{
"lessThan": "6.3.0.69",
"status": "affected",
"version": "6.3.0",
"versionType": "custom"
},
{
"lessThan": "6.4.0.96",
"status": "affected",
"version": "6.4.0",
"versionType": "custom"
},
{
"lessThan": "6.5.0.102",
"status": "affected",
"version": "6.5.0",
"versionType": "custom"
},
{
"lessThan": "6.6.0.198",
"status": "affected",
"version": "6.6.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 API Manager",
"vendor": "WSO2",
"versions": [
{
"lessThan": "2.0.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "2.0.0.28",
"status": "affected",
"version": "2.0.0",
"versionType": "custom"
},
{
"lessThan": "2.1.0.38",
"status": "affected",
"version": "2.1.0",
"versionType": "custom"
},
{
"lessThan": "2.2.0.57",
"status": "affected",
"version": "2.2.0",
"versionType": "custom"
},
{
"lessThan": "2.5.0.83",
"status": "affected",
"version": "2.5.0",
"versionType": "custom"
},
{
"lessThan": "2.6.0.143",
"status": "affected",
"version": "2.6.0",
"versionType": "custom"
},
{
"lessThan": "3.0.0.162",
"status": "affected",
"version": "3.0.0",
"versionType": "custom"
},
{
"lessThan": "3.1.0.293",
"status": "affected",
"version": "3.1.0",
"versionType": "custom"
},
{
"lessThan": "3.2.0.384",
"status": "affected",
"version": "3.2.0",
"versionType": "custom"
},
{
"lessThan": "3.2.1.16",
"status": "affected",
"version": "3.2.1",
"versionType": "custom"
},
{
"lessThan": "4.0.0.305",
"status": "affected",
"version": "4.0.0",
"versionType": "custom"
},
{
"lessThan": "4.1.0.166",
"status": "affected",
"version": "4.1.0",
"versionType": "custom"
},
{
"lessThan": "4.2.0.100",
"status": "affected",
"version": "4.2.0",
"versionType": "custom"
},
{
"lessThan": "4.3.0.16",
"status": "affected",
"version": "4.3.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "WSO2 Enterprise Service Bus",
"vendor": "WSO2",
"versions": [
{
"lessThan": "4.9.0.10",
"status": "affected",
"version": "4.9.0",
"versionType": "custom"
},
{
"lessThan": "5.0.0.28",
"status": "affected",
"version": "5.0.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "WSO2 Enterprise Mobility Manager",
"vendor": "WSO2",
"versions": [
{
"lessThan": "2.2.0.27",
"status": "affected",
"version": "2.2.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Micro Integrator",
"vendor": "WSO2",
"versions": [
{
"lessThan": "1.0.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "1.0.0.49",
"status": "affected",
"version": "1.0.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Open Banking AM",
"vendor": "WSO2",
"versions": [
{
"lessThan": "1.3.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "1.3.0.132",
"status": "affected",
"version": "1.3.0",
"versionType": "custom"
},
{
"lessThan": "1.4.0.135",
"status": "affected",
"version": "1.4.0",
"versionType": "custom"
},
{
"lessThan": "1.5.0.137",
"status": "affected",
"version": "1.5.0",
"versionType": "custom"
},
{
"lessThan": "2.0.0.342",
"status": "affected",
"version": "2.0.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"packageName": "org.wso2.carbon.mediation:org.wso2.carbon.mediation.artifactuploader",
"product": "WSO2 Carbon Synapse Artifact Uploader BE",
"vendor": "WSO2",
"versions": [
{
"lessThan": "4.4.10.3",
"status": "affected",
"version": "4.4.10",
"versionType": "custom"
},
{
"lessThan": "4.6.1.4",
"status": "affected",
"version": "4.6.1",
"versionType": "custom"
},
{
"lessThan": "4.6.6.9",
"status": "affected",
"version": "4.6.6",
"versionType": "custom"
},
{
"lessThan": "4.6.10.4",
"status": "affected",
"version": "4.6.10",
"versionType": "custom"
},
{
"lessThan": "4.6.16.2",
"status": "affected",
"version": "4.6.16",
"versionType": "custom"
},
{
"lessThan": "4.6.19.10",
"status": "affected",
"version": "4.6.19",
"versionType": "custom"
},
{
"lessThan": "4.6.64.2",
"status": "affected",
"version": "4.6.64",
"versionType": "custom"
},
{
"lessThan": "4.6.67.15",
"status": "affected",
"version": "4.6.67",
"versionType": "custom"
},
{
"lessThan": "4.6.89.12",
"status": "affected",
"version": "4.6.89",
"versionType": "custom"
},
{
"lessThan": "4.6.105.59",
"status": "affected",
"version": "4.6.105",
"versionType": "custom"
},
{
"lessThan": "4.6.150.11",
"status": "affected",
"version": "4.6.150",
"versionType": "custom"
},
{
"lessThan": "4.7.20.5",
"status": "affected",
"version": "4.7.20",
"versionType": "custom"
},
{
"lessThan": "4.7.30.42",
"status": "affected",
"version": "4.7.30",
"versionType": "custom"
},
{
"lessThan": "4.7.35.5",
"status": "affected",
"version": "4.7.35",
"versionType": "custom"
},
{
"lessThan": "4.7.61.56",
"status": "affected",
"version": "4.7.61",
"versionType": "custom"
},
{
"lessThan": "4.7.99.299",
"status": "affected",
"version": "4.7.99",
"versionType": "custom"
},
{
"lessThan": "4.7.131.15",
"status": "affected",
"version": "4.7.131",
"versionType": "custom"
},
{
"lessThan": "4.7.175.18",
"status": "affected",
"version": "4.7.175",
"versionType": "custom"
},
{
"lessThan": "4.7.188.5",
"status": "affected",
"version": "4.7.188",
"versionType": "custom"
},
{
"lessThan": "4.7.204.5",
"status": "affected",
"version": "4.7.204",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "4.7.216",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Anonymous working with Trend Micro Zero Day Initiative"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An arbitrary file upload vulnerability exists in multiple WSO2 products due to improper validation of user input in SOAP admin services. A malicious actor with administrative privileges can upload an arbitrary file to a user-controlled location on the server.\u003cbr\u003e\u003cbr\u003eBy leveraging this vulnerability, an attacker could upload a specially crafted payload, potentially achieving remote code execution (RCE) on the server. Exploitation requires valid admin credentials, limiting its impact to authorized but potentially malicious users.\u003cbr\u003e"
}
],
"value": "An arbitrary file upload vulnerability exists in multiple WSO2 products due to improper validation of user input in SOAP admin services. A malicious actor with administrative privileges can upload an arbitrary file to a user-controlled location on the server.\n\nBy leveraging this vulnerability, an attacker could upload a specially crafted payload, potentially achieving remote code execution (RCE) on the server. Exploitation requires valid admin credentials, limiting its impact to authorized but potentially malicious users."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-434",
"description": "CWE-434 Unrestricted Upload of File with Dangerous Type",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-02T16:42:19.264Z",
"orgId": "ed10eef1-636d-4fbe-9993-6890dfa878f8",
"shortName": "WSO2"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2024-3566/"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Follow the instructions given on \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2024/WSO2-2024-3566/#solution\"\u003ehttps://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2024/WSO2-2024-3...\u003c/a\u003e \u003cbr\u003e\u003cbr\u003e"
}
],
"value": "Follow the instructions given on https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2024/WSO2-2024-3... https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2024/WSO2-2024-3566/#solution"
}
],
"source": {
"advisory": "WSO2-2024-3566",
"discovery": "EXTERNAL"
},
"title": "Authenticated Arbitrary File Upload in Multiple WSO2 Products via SOAP Admin Service Leading to Remote Code Execution",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "ed10eef1-636d-4fbe-9993-6890dfa878f8",
"assignerShortName": "WSO2",
"cveId": "CVE-2024-7074",
"datePublished": "2025-06-02T16:42:19.264Z",
"dateReserved": "2024-07-24T12:15:52.796Z",
"dateUpdated": "2025-06-02T17:05:49.920Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-7073 (GCVE-0-2024-7073)
Vulnerability from cvelistv5 – Published: 2025-06-02 16:38 – Updated: 2025-06-02 17:06
VLAI?
Summary
A server-side request forgery (SSRF) vulnerability exists in multiple WSO2 products due to improper input validation in SOAP admin services. This flaw allows unauthenticated attackers to manipulate server-side requests, enabling access to internal and external resources available through the network or filesystem.
Exploitation of this vulnerability could lead to unauthorized access to sensitive data and systems, including resources within private networks, as long as they are reachable by the affected product.
Severity ?
6.5 (Medium)
CWE
- CWE-918 - Server-Side Request Forgery (SSRF)
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| WSO2 | WSO2 Identity Server as Key Manager |
Unknown:
0 , < 5.3.0
(custom)
Affected: 5.3.0 , < 5.3.0.37 (custom) Affected: 5.5.0 , < 5.5.0.50 (custom) Affected: 5.6.0 , < 5.6.0.71 (custom) Affected: 5.7.0 , < 5.7.0.122 (custom) Affected: 5.9.0 , < 5.9.0.165 (custom) Affected: 5.10.0 , < 5.10.0.312 (custom) |
||||||||||||||||||||||
|
||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-7073",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-02T17:04:26.386536Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-02T17:06:05.767Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "WSO2 Identity Server as Key Manager",
"vendor": "WSO2",
"versions": [
{
"lessThan": "5.3.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "5.3.0.37",
"status": "affected",
"version": "5.3.0",
"versionType": "custom"
},
{
"lessThan": "5.5.0.50",
"status": "affected",
"version": "5.5.0",
"versionType": "custom"
},
{
"lessThan": "5.6.0.71",
"status": "affected",
"version": "5.6.0",
"versionType": "custom"
},
{
"lessThan": "5.7.0.122",
"status": "affected",
"version": "5.7.0",
"versionType": "custom"
},
{
"lessThan": "5.9.0.165",
"status": "affected",
"version": "5.9.0",
"versionType": "custom"
},
{
"lessThan": "5.10.0.312",
"status": "affected",
"version": "5.10.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Identity Server",
"vendor": "WSO2",
"versions": [
{
"lessThan": "5.2.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "5.2.0.32",
"status": "affected",
"version": "5.2.0",
"versionType": "custom"
},
{
"lessThan": "5.3.0.32",
"status": "affected",
"version": "5.3.0",
"versionType": "custom"
},
{
"lessThan": "5.4.0.31",
"status": "affected",
"version": "5.4.0",
"versionType": "custom"
},
{
"lessThan": "5.4.1.36",
"status": "affected",
"version": "5.4.1",
"versionType": "custom"
},
{
"lessThan": "5.5.0.49",
"status": "affected",
"version": "5.5.0",
"versionType": "custom"
},
{
"lessThan": "5.6.0.57",
"status": "affected",
"version": "5.6.0",
"versionType": "custom"
},
{
"lessThan": "5.7.0.123",
"status": "affected",
"version": "5.7.0",
"versionType": "custom"
},
{
"lessThan": "5.8.0.105",
"status": "affected",
"version": "5.8.0",
"versionType": "custom"
},
{
"lessThan": "5.9.0.156",
"status": "affected",
"version": "5.9.0",
"versionType": "custom"
},
{
"lessThan": "5.10.0.318",
"status": "affected",
"version": "5.10.0",
"versionType": "custom"
},
{
"lessThan": "5.11.0.364",
"status": "affected",
"version": "5.11.0",
"versionType": "custom"
},
{
"lessThan": "6.0.0.208",
"status": "affected",
"version": "6.0.0",
"versionType": "custom"
},
{
"lessThan": "6.1.0.187",
"status": "affected",
"version": "6.1.0",
"versionType": "custom"
},
{
"lessThan": "7.0.0.59",
"status": "affected",
"version": "7.0.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Open Banking KM",
"vendor": "WSO2",
"versions": [
{
"lessThan": "1.3.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "1.3.0.114",
"status": "affected",
"version": "1.3.0",
"versionType": "custom"
},
{
"lessThan": "1.4.0.130",
"status": "affected",
"version": "1.4.0",
"versionType": "custom"
},
{
"lessThan": "1.5.0.120",
"status": "affected",
"version": "1.5.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Open Banking IAM",
"vendor": "WSO2",
"versions": [
{
"lessThan": "2.0.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "2.0.0.363",
"status": "affected",
"version": "2.0.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"packageName": "org.wso2.carbon.identity.framework:org.wso2.carbon.policyeditor",
"product": "WSO2 Carbon Policy Editor BE",
"vendor": "WSO2",
"versions": [
{
"lessThan": "5.2.2.14",
"status": "affected",
"version": "5.2.2",
"versionType": "custom"
},
{
"lessThan": "5.7.5.15",
"status": "affected",
"version": "5.7.5",
"versionType": "custom"
},
{
"lessThan": "5.10.86.5",
"status": "affected",
"version": "5.10.86",
"versionType": "custom"
},
{
"lessThan": "5.10.112.16",
"status": "affected",
"version": "5.10.112",
"versionType": "custom"
},
{
"lessThan": "5.11.148.15",
"status": "affected",
"version": "5.11.148",
"versionType": "custom"
},
{
"lessThan": "5.11.256.17",
"status": "affected",
"version": "5.11.256",
"versionType": "custom"
},
{
"lessThan": "5.12.153.59",
"status": "affected",
"version": "5.12.153",
"versionType": "custom"
},
{
"lessThan": "5.12.387.42",
"status": "affected",
"version": "5.12.387",
"versionType": "custom"
},
{
"lessThan": "5.14.97.76",
"status": "affected",
"version": "5.14.97",
"versionType": "custom"
},
{
"lessThan": "5.17.5.284",
"status": "affected",
"version": "5.17.5",
"versionType": "custom"
},
{
"lessThan": "5.18.187.268",
"status": "affected",
"version": "5.18.187",
"versionType": "custom"
},
{
"lessThan": "5.23.8.186",
"status": "affected",
"version": "5.23.8",
"versionType": "custom"
},
{
"lessThan": "5.25.92.95",
"status": "affected",
"version": "5.25.92",
"versionType": "custom"
},
{
"lessThan": "7.0.78.35",
"status": "affected",
"version": "7.0.78",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "7.4.3",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A server-side request forgery (SSRF) vulnerability exists in multiple WSO2 products due to improper input validation in SOAP admin services. This flaw allows unauthenticated attackers to manipulate server-side requests, enabling access to internal and external resources available through the network or filesystem.\u003cbr\u003e\u003cbr\u003eExploitation of this vulnerability could lead to unauthorized access to sensitive data and systems, including resources within private networks, as long as they are reachable by the affected product.\u003cbr\u003e"
}
],
"value": "A server-side request forgery (SSRF) vulnerability exists in multiple WSO2 products due to improper input validation in SOAP admin services. This flaw allows unauthenticated attackers to manipulate server-side requests, enabling access to internal and external resources available through the network or filesystem.\n\nExploitation of this vulnerability could lead to unauthorized access to sensitive data and systems, including resources within private networks, as long as they are reachable by the affected product."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-918",
"description": "CWE-918 Server-Side Request Forgery (SSRF)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-02T16:38:33.113Z",
"orgId": "ed10eef1-636d-4fbe-9993-6890dfa878f8",
"shortName": "WSO2"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2024/WSO2-2024-3562"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Follow the instructions given on \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2024/WSO2-2024-3562/#solution\"\u003ehttps://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2024/WSO2-2024-3...\u003c/a\u003e \u003cbr\u003e\u003cbr\u003e"
}
],
"value": "Follow the instructions given on https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2024/WSO2-2024-3... https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2024/WSO2-2024-3562/#solution"
}
],
"source": {
"advisory": "WSO2-2024-3562",
"discovery": "INTERNAL"
},
"title": "Unauthenticated Server-Side Request Forgery (SSRF) in Multiple WSO2 Products via SOAP Admin Services",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "ed10eef1-636d-4fbe-9993-6890dfa878f8",
"assignerShortName": "WSO2",
"cveId": "CVE-2024-7073",
"datePublished": "2025-06-02T16:38:33.113Z",
"dateReserved": "2024-07-24T12:09:10.530Z",
"dateUpdated": "2025-06-02T17:06:05.767Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-7097 (GCVE-0-2024-7097)
Vulnerability from cvelistv5 – Published: 2025-05-30 15:04 – Updated: 2025-05-30 16:12
VLAI?
Summary
An incorrect authorization vulnerability exists in multiple WSO2 products due to a flaw in the SOAP admin service, which allows user account creation regardless of the self-registration configuration settings. This vulnerability enables malicious actors to create new user accounts without proper authorization.
Exploitation of this flaw could allow an attacker to create multiple low-privileged user accounts, gaining unauthorized access to the system. Additionally, continuous exploitation could lead to system resource exhaustion through mass user creation.
Severity ?
4.3 (Medium)
CWE
- CWE-863 - Incorrect Authorization
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| WSO2 | WSO2 Open Banking AM |
Unknown:
0 , < 1.3.0
(custom)
Affected: 1.3.0 , < 1.3.0.131 (custom) Affected: 1.4.0 , < 1.4.0.134 (custom) Affected: 1.5.0 , < 1.5.0.136 (custom) Affected: 2.0.0 , < 2.0.0.343 (custom) |
||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-7097",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-30T16:05:35.324157Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-863",
"description": "CWE-863 Incorrect Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-30T16:12:44.804Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "WSO2 Open Banking AM",
"vendor": "WSO2",
"versions": [
{
"lessThan": "1.3.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "1.3.0.131",
"status": "affected",
"version": "1.3.0",
"versionType": "custom"
},
{
"lessThan": "1.4.0.134",
"status": "affected",
"version": "1.4.0",
"versionType": "custom"
},
{
"lessThan": "1.5.0.136",
"status": "affected",
"version": "1.5.0",
"versionType": "custom"
},
{
"lessThan": "2.0.0.343",
"status": "affected",
"version": "2.0.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Open Banking KM",
"vendor": "WSO2",
"versions": [
{
"lessThan": "1.3.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "1.3.0.114",
"status": "affected",
"version": "1.3.0",
"versionType": "custom"
},
{
"lessThan": "1.4.0.130",
"status": "affected",
"version": "1.4.0",
"versionType": "custom"
},
{
"lessThan": "1.5.0.120",
"status": "affected",
"version": "1.5.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Identity Server as Key Manager",
"vendor": "WSO2",
"versions": [
{
"lessThan": "5.3.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "5.3.0.38",
"status": "affected",
"version": "5.3.0",
"versionType": "custom"
},
{
"lessThan": "5.5.0.51",
"status": "affected",
"version": "5.5.0",
"versionType": "custom"
},
{
"lessThan": "5.6.0.72",
"status": "affected",
"version": "5.6.0",
"versionType": "custom"
},
{
"lessThan": "5.7.0.122",
"status": "affected",
"version": "5.7.0",
"versionType": "custom"
},
{
"lessThan": "5.9.0.165",
"status": "affected",
"version": "5.9.0",
"versionType": "custom"
},
{
"lessThan": "5.10.0.312",
"status": "affected",
"version": "5.10.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 API Manager",
"vendor": "WSO2",
"versions": [
{
"lessThan": "2.0.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "2.0.0.29",
"status": "affected",
"version": "2.0.0",
"versionType": "custom"
},
{
"lessThan": "2.1.0.39",
"status": "affected",
"version": "2.1.0",
"versionType": "custom"
},
{
"lessThan": "2.2.0.56",
"status": "affected",
"version": "2.2.0",
"versionType": "custom"
},
{
"lessThan": "2.5.0.83",
"status": "affected",
"version": "2.5.0",
"versionType": "custom"
},
{
"lessThan": "2.6.0.142",
"status": "affected",
"version": "2.6.0",
"versionType": "custom"
},
{
"lessThan": "3.0.0.162",
"status": "affected",
"version": "3.0.0",
"versionType": "custom"
},
{
"lessThan": "3.1.0.294",
"status": "affected",
"version": "3.1.0",
"versionType": "custom"
},
{
"lessThan": "3.2.0.384",
"status": "affected",
"version": "3.2.0",
"versionType": "custom"
},
{
"lessThan": "3.2.1.16",
"status": "affected",
"version": "3.2.1",
"versionType": "custom"
},
{
"lessThan": "4.0.0.305",
"status": "affected",
"version": "4.0.0",
"versionType": "custom"
},
{
"lessThan": "4.1.0.166",
"status": "affected",
"version": "4.1.0",
"versionType": "custom"
},
{
"lessThan": "4.2.0.101",
"status": "affected",
"version": "4.2.0",
"versionType": "custom"
},
{
"lessThan": "4.3.0.16",
"status": "affected",
"version": "4.3.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Identity Server",
"vendor": "WSO2",
"versions": [
{
"lessThan": "5.2.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "5.2.0.32",
"status": "affected",
"version": "5.2.0",
"versionType": "custom"
},
{
"lessThan": "5.3.0.33",
"status": "affected",
"version": "5.3.0",
"versionType": "custom"
},
{
"lessThan": "5.4.0.32",
"status": "affected",
"version": "5.4.0",
"versionType": "custom"
},
{
"lessThan": "5.4.1.36",
"status": "affected",
"version": "5.4.1",
"versionType": "custom"
},
{
"lessThan": "5.5.0.50",
"status": "affected",
"version": "5.5.0",
"versionType": "custom"
},
{
"lessThan": "5.6.0.58",
"status": "affected",
"version": "5.6.0",
"versionType": "custom"
},
{
"lessThan": "5.7.0.123",
"status": "affected",
"version": "5.7.0",
"versionType": "custom"
},
{
"lessThan": "5.8.0.106",
"status": "affected",
"version": "5.8.0",
"versionType": "custom"
},
{
"lessThan": "5.9.0.157",
"status": "affected",
"version": "5.9.0",
"versionType": "custom"
},
{
"lessThan": "5.10.0.318",
"status": "affected",
"version": "5.10.0",
"versionType": "custom"
},
{
"lessThan": "5.11.0.365",
"status": "affected",
"version": "5.11.0",
"versionType": "custom"
},
{
"lessThan": "6.0.0.209",
"status": "affected",
"version": "6.0.0",
"versionType": "custom"
},
{
"lessThan": "6.1.0.188",
"status": "affected",
"version": "6.1.0",
"versionType": "custom"
},
{
"lessThan": "7.0.0.60",
"status": "affected",
"version": "7.0.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Open Banking IAM",
"vendor": "WSO2",
"versions": [
{
"lessThan": "2.0.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "2.0.0.364",
"status": "affected",
"version": "2.0.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "WSO2 Enterprise Mobility Manager",
"vendor": "WSO2",
"versions": [
{
"lessThan": "2.2.0.26",
"status": "affected",
"version": "2.2.0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An incorrect authorization vulnerability exists in multiple WSO2 products due to a flaw in the SOAP admin service, which allows user account creation regardless of the self-registration configuration settings. This vulnerability enables malicious actors to create new user accounts without proper authorization.\u003cbr\u003e\u003cbr\u003eExploitation of this flaw could allow an attacker to create multiple low-privileged user accounts, gaining unauthorized access to the system. Additionally, continuous exploitation could lead to system resource exhaustion through mass user creation.\u003cbr\u003e"
}
],
"value": "An incorrect authorization vulnerability exists in multiple WSO2 products due to a flaw in the SOAP admin service, which allows user account creation regardless of the self-registration configuration settings. This vulnerability enables malicious actors to create new user accounts without proper authorization.\n\nExploitation of this flaw could allow an attacker to create multiple low-privileged user accounts, gaining unauthorized access to the system. Additionally, continuous exploitation could lead to system resource exhaustion through mass user creation."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-30T15:04:09.940Z",
"orgId": "ed10eef1-636d-4fbe-9993-6890dfa878f8",
"shortName": "WSO2"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2024/WSO2-2024-3574/"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: transparent;\"\u003eFollow the instructions given on\u0026nbsp;\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2024/WSO2-2024-3574/#solution\"\u003ehttps://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2024/WSO2-2024-3...\u003c/a\u003e\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "Follow the instructions given on\u00a0 https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2024/WSO2-2024-3... https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2024/WSO2-2024-3574/#solution"
}
],
"source": {
"advisory": "WSO2-2024-3574",
"discovery": "INTERNAL"
},
"title": "Incorrect Authorization in Multiple WSO2 Products via SOAP Admin Service Allowing Unauthorized User Signup",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "ed10eef1-636d-4fbe-9993-6890dfa878f8",
"assignerShortName": "WSO2",
"cveId": "CVE-2024-7097",
"datePublished": "2025-05-30T15:04:09.940Z",
"dateReserved": "2024-07-25T07:26:31.718Z",
"dateUpdated": "2025-05-30T16:12:44.804Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}