Search criteria
114 vulnerabilities found for identity_server_as_key_manager by wso2
FKIE_CVE-2025-10853
Vulnerability from fkie_nvd - Published: 2025-11-05 20:15 - Updated: 2025-11-13 15:31
Severity ?
5.2 (Medium) - CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Summary
A reflected cross-site scripting (XSS) vulnerability exists in the management console of multiple WSO2 products due to improper output encoding. By tampering with specific parameters, a malicious actor can inject arbitrary JavaScript into the response, leading to reflected XSS.
Successful exploitation could result in UI manipulation, redirection to malicious websites, or data theft from the browser. However, session-related sensitive cookies are protected with the httpOnly flag, which mitigates the risk of session hijacking.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| wso2 | api_control_plane | 4.5.0 | |
| wso2 | api_manager | 3.1.0 | |
| wso2 | api_manager | 3.2.0 | |
| wso2 | api_manager | 3.2.1 | |
| wso2 | api_manager | 4.0.0 | |
| wso2 | api_manager | 4.1.0 | |
| wso2 | api_manager | 4.2.0 | |
| wso2 | api_manager | 4.3.0 | |
| wso2 | api_manager | 4.4.0 | |
| wso2 | api_manager | 4.5.0 | |
| wso2 | enterprise_integrator | 6.6.0 | |
| wso2 | identity_server | 5.10.0 | |
| wso2 | identity_server | 5.11.0 | |
| wso2 | identity_server | 6.0.0 | |
| wso2 | identity_server | 6.1.0 | |
| wso2 | identity_server | 7.0.0 | |
| wso2 | identity_server | 7.1.0 | |
| wso2 | identity_server_as_key_manager | 5.10.0 | |
| wso2 | open_banking_am | 2.0.0 | |
| wso2 | open_banking_iam | 2.0.0 | |
| wso2 | traffic_manager | 4.5.0 | |
| wso2 | universal_gateway | 4.5.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:api_control_plane:4.5.0:-:*:*:*:*:*:*",
"matchCriteriaId": "DEEA7DB5-BBF7-44A4-9FB6-0D235A44C680",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:api_manager:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1344FB79-0796-445C-A8F3-C03E995925D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:api_manager:3.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E31E32CD-497E-4EF5-B3FC-8718EE06EDAD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:api_manager:3.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B58251E8-606B-47C8-8E50-9F9FC8C179BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:api_manager:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E21D7ABF-C328-425D-B914-618C7628220B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:api_manager:4.1.0:-:*:*:*:*:*:*",
"matchCriteriaId": "51465410-6B7C-40FD-A1AB-A14F650A6AC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:api_manager:4.2.0:-:*:*:*:*:*:*",
"matchCriteriaId": "851470CC-22AB-43E4-9CC6-5E22D49B3572",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:api_manager:4.3.0:-:*:*:*:*:*:*",
"matchCriteriaId": "9EBAB99E-6F0F-4CE9-A954-E8878826304C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:api_manager:4.4.0:-:*:*:*:*:*:*",
"matchCriteriaId": "0B3E6207-B2CF-487C-9CB8-906248B665C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:api_manager:4.5.0:-:*:*:*:*:*:*",
"matchCriteriaId": "D47B760D-5418-4FB0-88F0-3F78BAFF63E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:enterprise_integrator:6.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E4A07C73-3E6B-4CF9-BEB9-39C6081C0332",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:identity_server:5.10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F4F126CA-A2F9-44F4-968B-DF71765869E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:identity_server:5.11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2153AECE-020A-4C01-B2A6-F9F5D98E7EBE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:identity_server:6.0.0:-:*:*:*:*:*:*",
"matchCriteriaId": "32CE7893-AD1A-49E5-BD1A-5E9C2DEB8764",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:identity_server:6.1.0:-:*:*:*:*:*:*",
"matchCriteriaId": "EA76533A-5BED-4BDC-B348-EB3D3FDFB110",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:identity_server:7.0.0:-:*:*:*:*:*:*",
"matchCriteriaId": "C1EFBD0F-9664-4EF3-9908-C72B1318F68F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:identity_server:7.1.0:-:*:*:*:*:*:*",
"matchCriteriaId": "A5358E6E-8C01-408D-8692-B1A326DC630F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:identity_server_as_key_manager:5.10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6BB34405-A2F1-461A-B51B-E103BB3680A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:open_banking_am:2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "94347800-04D2-48C4-ACF0-078A5ACBB063",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:open_banking_iam:2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D7C241A3-8EA0-41E4-ABF3-21B9D8E7A5BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:traffic_manager:4.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C7413107-D7B2-49AE-AC46-52E7BFCD6ED8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:universal_gateway:4.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "61636553-C25E-44DF-93D7-EB3E1056D1DC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A reflected cross-site scripting (XSS) vulnerability exists in the management console of multiple WSO2 products due to improper output encoding. By tampering with specific parameters, a malicious actor can inject arbitrary JavaScript into the response, leading to reflected XSS.\n\nSuccessful exploitation could result in UI manipulation, redirection to malicious websites, or data theft from the browser. However, session-related sensitive cookies are protected with the httpOnly flag, which mitigates the risk of session hijacking."
}
],
"id": "CVE-2025-10853",
"lastModified": "2025-11-13T15:31:45.670",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.1,
"impactScore": 2.7,
"source": "ed10eef1-636d-4fbe-9993-6890dfa878f8",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2025-11-05T20:15:32.297",
"references": [
{
"source": "ed10eef1-636d-4fbe-9993-6890dfa878f8",
"tags": [
"Vendor Advisory"
],
"url": "https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-4486/"
}
],
"sourceIdentifier": "ed10eef1-636d-4fbe-9993-6890dfa878f8",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "ed10eef1-636d-4fbe-9993-6890dfa878f8",
"type": "Secondary"
}
]
}
FKIE_CVE-2025-10907
Vulnerability from fkie_nvd - Published: 2025-11-05 18:15 - Updated: 2025-12-04 21:07
Severity ?
8.4 (High) - CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
An arbitrary file upload vulnerability exists in multiple WSO2 products due to insufficient validation of uploaded content and destination in SOAP admin services. A malicious actor with administrative privileges can upload a specially crafted file to a user-controlled location within the deployment.
Successful exploitation may lead to remote code execution (RCE) on the server, depending on how the uploaded file is processed. By default, this vulnerability is only exploitable by users with administrative access to the affected SOAP services.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| wso2 | api_control_plane | 4.5.0 | |
| wso2 | api_manager | 3.1.0 | |
| wso2 | api_manager | 3.2.0 | |
| wso2 | api_manager | 3.2.1 | |
| wso2 | api_manager | 4.0.0 | |
| wso2 | api_manager | 4.1.0 | |
| wso2 | api_manager | 4.2.0 | |
| wso2 | api_manager | 4.3.0 | |
| wso2 | api_manager | 4.4.0 | |
| wso2 | api_manager | 4.5.0 | |
| wso2 | enterprise_integrator | 6.6.0 | |
| wso2 | identity_server | 5.10.0 | |
| wso2 | identity_server | 5.11.0 | |
| wso2 | identity_server | 6.0.0 | |
| wso2 | identity_server | 6.1.0 | |
| wso2 | identity_server | 7.0.0 | |
| wso2 | identity_server | 7.1.0 | |
| wso2 | identity_server_as_key_manager | 5.10.0 | |
| wso2 | open_banking_am | 2.0.0 | |
| wso2 | open_banking_iam | 2.0.0 | |
| wso2 | traffic_manager | 4.5.0 | |
| wso2 | universal_gateway | 4.5.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:api_control_plane:4.5.0:-:*:*:*:*:*:*",
"matchCriteriaId": "DEEA7DB5-BBF7-44A4-9FB6-0D235A44C680",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:api_manager:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1344FB79-0796-445C-A8F3-C03E995925D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:api_manager:3.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E31E32CD-497E-4EF5-B3FC-8718EE06EDAD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:api_manager:3.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B58251E8-606B-47C8-8E50-9F9FC8C179BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:api_manager:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E21D7ABF-C328-425D-B914-618C7628220B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:api_manager:4.1.0:-:*:*:*:*:*:*",
"matchCriteriaId": "51465410-6B7C-40FD-A1AB-A14F650A6AC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:api_manager:4.2.0:-:*:*:*:*:*:*",
"matchCriteriaId": "851470CC-22AB-43E4-9CC6-5E22D49B3572",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:api_manager:4.3.0:-:*:*:*:*:*:*",
"matchCriteriaId": "9EBAB99E-6F0F-4CE9-A954-E8878826304C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:api_manager:4.4.0:-:*:*:*:*:*:*",
"matchCriteriaId": "0B3E6207-B2CF-487C-9CB8-906248B665C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:api_manager:4.5.0:-:*:*:*:*:*:*",
"matchCriteriaId": "D47B760D-5418-4FB0-88F0-3F78BAFF63E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:enterprise_integrator:6.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E4A07C73-3E6B-4CF9-BEB9-39C6081C0332",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:identity_server:5.10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F4F126CA-A2F9-44F4-968B-DF71765869E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:identity_server:5.11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2153AECE-020A-4C01-B2A6-F9F5D98E7EBE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:identity_server:6.0.0:-:*:*:*:*:*:*",
"matchCriteriaId": "32CE7893-AD1A-49E5-BD1A-5E9C2DEB8764",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:identity_server:6.1.0:-:*:*:*:*:*:*",
"matchCriteriaId": "EA76533A-5BED-4BDC-B348-EB3D3FDFB110",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:identity_server:7.0.0:-:*:*:*:*:*:*",
"matchCriteriaId": "C1EFBD0F-9664-4EF3-9908-C72B1318F68F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:identity_server:7.1.0:-:*:*:*:*:*:*",
"matchCriteriaId": "A5358E6E-8C01-408D-8692-B1A326DC630F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:identity_server_as_key_manager:5.10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6BB34405-A2F1-461A-B51B-E103BB3680A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:open_banking_am:2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "94347800-04D2-48C4-ACF0-078A5ACBB063",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:open_banking_iam:2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D7C241A3-8EA0-41E4-ABF3-21B9D8E7A5BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:traffic_manager:4.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C7413107-D7B2-49AE-AC46-52E7BFCD6ED8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:universal_gateway:4.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "61636553-C25E-44DF-93D7-EB3E1056D1DC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An arbitrary file upload vulnerability exists in multiple WSO2 products due to insufficient validation of uploaded content and destination in SOAP admin services. A malicious actor with administrative privileges can upload a specially crafted file to a user-controlled location within the deployment.\n\nSuccessful exploitation may lead to remote code execution (RCE) on the server, depending on how the uploaded file is processed. By default, this vulnerability is only exploitable by users with administrative access to the affected SOAP services."
}
],
"id": "CVE-2025-10907",
"lastModified": "2025-12-04T21:07:22.130",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.7,
"impactScore": 6.0,
"source": "ed10eef1-636d-4fbe-9993-6890dfa878f8",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2025-11-05T18:15:33.347",
"references": [
{
"source": "ed10eef1-636d-4fbe-9993-6890dfa878f8",
"tags": [
"Vendor Advisory"
],
"url": "https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-4603/"
}
],
"sourceIdentifier": "ed10eef1-636d-4fbe-9993-6890dfa878f8",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-434"
}
],
"source": "ed10eef1-636d-4fbe-9993-6890dfa878f8",
"type": "Secondary"
}
]
}
FKIE_CVE-2025-3125
Vulnerability from fkie_nvd - Published: 2025-11-05 15:15 - Updated: 2025-12-04 21:06
Severity ?
6.7 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:L
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
An arbitrary file upload vulnerability exists in multiple WSO2 products due to improper input validation in the CarbonAppUploader admin service endpoint. An authenticated attacker with appropriate privileges can upload a malicious file to a user-controlled location on the server, potentially leading to remote code execution (RCE).
This functionality is restricted by default to admin users; therefore, successful exploitation requires valid credentials with administrative permissions.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| wso2 | api_control_plane | 4.5.0 | |
| wso2 | api_manager | 3.2.0 | |
| wso2 | api_manager | 3.2.1 | |
| wso2 | api_manager | 4.0.0 | |
| wso2 | api_manager | 4.1.0 | |
| wso2 | api_manager | 4.2.0 | |
| wso2 | api_manager | 4.3.0 | |
| wso2 | api_manager | 4.4.0 | |
| wso2 | api_manager | 4.5.0 | |
| wso2 | enterprise_integrator | 6.6.0 | |
| wso2 | identity_server | 5.10.0 | |
| wso2 | identity_server | 5.11.0 | |
| wso2 | identity_server | 6.0.0 | |
| wso2 | identity_server | 6.1.0 | |
| wso2 | identity_server | 7.0.0 | |
| wso2 | identity_server_as_key_manager | 5.10.0 | |
| wso2 | open_banking_iam | 2.0.0 | |
| wso2 | traffic_manager | 4.5.0 | |
| wso2 | universal_gateway | 4.5.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:api_control_plane:4.5.0:-:*:*:*:*:*:*",
"matchCriteriaId": "DEEA7DB5-BBF7-44A4-9FB6-0D235A44C680",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:api_manager:3.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E31E32CD-497E-4EF5-B3FC-8718EE06EDAD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:api_manager:3.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B58251E8-606B-47C8-8E50-9F9FC8C179BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:api_manager:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E21D7ABF-C328-425D-B914-618C7628220B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:api_manager:4.1.0:-:*:*:*:*:*:*",
"matchCriteriaId": "51465410-6B7C-40FD-A1AB-A14F650A6AC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:api_manager:4.2.0:-:*:*:*:*:*:*",
"matchCriteriaId": "851470CC-22AB-43E4-9CC6-5E22D49B3572",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:api_manager:4.3.0:-:*:*:*:*:*:*",
"matchCriteriaId": "9EBAB99E-6F0F-4CE9-A954-E8878826304C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:api_manager:4.4.0:-:*:*:*:*:*:*",
"matchCriteriaId": "0B3E6207-B2CF-487C-9CB8-906248B665C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:api_manager:4.5.0:-:*:*:*:*:*:*",
"matchCriteriaId": "D47B760D-5418-4FB0-88F0-3F78BAFF63E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:enterprise_integrator:6.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E4A07C73-3E6B-4CF9-BEB9-39C6081C0332",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:identity_server:5.10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F4F126CA-A2F9-44F4-968B-DF71765869E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:identity_server:5.11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2153AECE-020A-4C01-B2A6-F9F5D98E7EBE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:identity_server:6.0.0:-:*:*:*:*:*:*",
"matchCriteriaId": "32CE7893-AD1A-49E5-BD1A-5E9C2DEB8764",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:identity_server:6.1.0:-:*:*:*:*:*:*",
"matchCriteriaId": "EA76533A-5BED-4BDC-B348-EB3D3FDFB110",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:identity_server:7.0.0:-:*:*:*:*:*:*",
"matchCriteriaId": "C1EFBD0F-9664-4EF3-9908-C72B1318F68F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:identity_server_as_key_manager:5.10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6BB34405-A2F1-461A-B51B-E103BB3680A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:open_banking_iam:2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D7C241A3-8EA0-41E4-ABF3-21B9D8E7A5BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:traffic_manager:4.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C7413107-D7B2-49AE-AC46-52E7BFCD6ED8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:universal_gateway:4.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "61636553-C25E-44DF-93D7-EB3E1056D1DC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An arbitrary file upload vulnerability exists in multiple WSO2 products due to improper input validation in the CarbonAppUploader admin service endpoint. An authenticated attacker with appropriate privileges can upload a malicious file to a user-controlled location on the server, potentially leading to remote code execution (RCE).\n\nThis functionality is restricted by default to admin users; therefore, successful exploitation requires valid credentials with administrative permissions."
}
],
"id": "CVE-2025-3125",
"lastModified": "2025-12-04T21:06:46.690",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:L",
"version": "3.1"
},
"exploitabilityScore": 1.2,
"impactScore": 5.5,
"source": "ed10eef1-636d-4fbe-9993-6890dfa878f8",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2025-11-05T15:15:33.953",
"references": [
{
"source": "ed10eef1-636d-4fbe-9993-6890dfa878f8",
"tags": [
"Vendor Advisory"
],
"url": "https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-3961/"
}
],
"sourceIdentifier": "ed10eef1-636d-4fbe-9993-6890dfa878f8",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-434"
}
],
"source": "ed10eef1-636d-4fbe-9993-6890dfa878f8",
"type": "Secondary"
}
]
}
FKIE_CVE-2025-5605
Vulnerability from fkie_nvd - Published: 2025-10-24 10:15 - Updated: 2025-11-21 14:20
Severity ?
4.3 (Medium) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Summary
An authentication bypass vulnerability exists in the Management Console of multiple WSO2 products. A malicious actor with access to the console can manipulate the request URI to bypass authentication and access certain restricted resources, resulting in partial information disclosure.
The known exposure from this issue is limited to memory statistics. While the vulnerability does not allow full account compromise, it still enables unauthorized access to internal system details.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| wso2 | api_control_plane | 4.5.0 | |
| wso2 | api_manager | 3.1.0 | |
| wso2 | api_manager | 3.2.0 | |
| wso2 | api_manager | 3.2.1 | |
| wso2 | api_manager | 4.0.0 | |
| wso2 | api_manager | 4.1.0 | |
| wso2 | api_manager | 4.2.0 | |
| wso2 | api_manager | 4.3.0 | |
| wso2 | api_manager | 4.4.0 | |
| wso2 | api_manager | 4.5.0 | |
| wso2 | enterprise_integrator | 6.6.0 | |
| wso2 | identity_server | 5.10.0 | |
| wso2 | identity_server | 5.11.0 | |
| wso2 | identity_server | 6.0.0 | |
| wso2 | identity_server | 6.1.0 | |
| wso2 | identity_server | 7.0.0 | |
| wso2 | identity_server | 7.1.0 | |
| wso2 | identity_server_as_key_manager | 5.10.0 | |
| wso2 | open_banking_am | 2.0.0 | |
| wso2 | open_banking_iam | 2.0.0 | |
| wso2 | traffic_manager | 4.5.0 | |
| wso2 | universal_gateway | 4.5.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:api_control_plane:4.5.0:-:*:*:*:*:*:*",
"matchCriteriaId": "DEEA7DB5-BBF7-44A4-9FB6-0D235A44C680",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:api_manager:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1344FB79-0796-445C-A8F3-C03E995925D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:api_manager:3.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E31E32CD-497E-4EF5-B3FC-8718EE06EDAD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:api_manager:3.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B58251E8-606B-47C8-8E50-9F9FC8C179BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:api_manager:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E21D7ABF-C328-425D-B914-618C7628220B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:api_manager:4.1.0:-:*:*:*:*:*:*",
"matchCriteriaId": "51465410-6B7C-40FD-A1AB-A14F650A6AC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:api_manager:4.2.0:-:*:*:*:*:*:*",
"matchCriteriaId": "851470CC-22AB-43E4-9CC6-5E22D49B3572",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:api_manager:4.3.0:-:*:*:*:*:*:*",
"matchCriteriaId": "9EBAB99E-6F0F-4CE9-A954-E8878826304C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:api_manager:4.4.0:-:*:*:*:*:*:*",
"matchCriteriaId": "0B3E6207-B2CF-487C-9CB8-906248B665C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:api_manager:4.5.0:-:*:*:*:*:*:*",
"matchCriteriaId": "D47B760D-5418-4FB0-88F0-3F78BAFF63E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:enterprise_integrator:6.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E4A07C73-3E6B-4CF9-BEB9-39C6081C0332",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:identity_server:5.10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F4F126CA-A2F9-44F4-968B-DF71765869E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:identity_server:5.11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2153AECE-020A-4C01-B2A6-F9F5D98E7EBE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:identity_server:6.0.0:-:*:*:*:*:*:*",
"matchCriteriaId": "32CE7893-AD1A-49E5-BD1A-5E9C2DEB8764",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:identity_server:6.1.0:-:*:*:*:*:*:*",
"matchCriteriaId": "EA76533A-5BED-4BDC-B348-EB3D3FDFB110",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:identity_server:7.0.0:-:*:*:*:*:*:*",
"matchCriteriaId": "C1EFBD0F-9664-4EF3-9908-C72B1318F68F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:identity_server:7.1.0:-:*:*:*:*:*:*",
"matchCriteriaId": "A5358E6E-8C01-408D-8692-B1A326DC630F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:identity_server_as_key_manager:5.10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6BB34405-A2F1-461A-B51B-E103BB3680A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:open_banking_am:2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "94347800-04D2-48C4-ACF0-078A5ACBB063",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:open_banking_iam:2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D7C241A3-8EA0-41E4-ABF3-21B9D8E7A5BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:traffic_manager:4.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C7413107-D7B2-49AE-AC46-52E7BFCD6ED8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:universal_gateway:4.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "61636553-C25E-44DF-93D7-EB3E1056D1DC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An authentication bypass vulnerability exists in the Management Console of multiple WSO2 products. A malicious actor with access to the console can manipulate the request URI to bypass authentication and access certain restricted resources, resulting in partial information disclosure.\n\nThe known exposure from this issue is limited to memory statistics. While the vulnerability does not allow full account compromise, it still enables unauthorized access to internal system details."
}
],
"id": "CVE-2025-5605",
"lastModified": "2025-11-21T14:20:43.277",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4,
"source": "ed10eef1-636d-4fbe-9993-6890dfa878f8",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2025-10-24T10:15:39.160",
"references": [
{
"source": "ed10eef1-636d-4fbe-9993-6890dfa878f8",
"tags": [
"Vendor Advisory"
],
"url": "https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-4115/"
}
],
"sourceIdentifier": "ed10eef1-636d-4fbe-9993-6890dfa878f8",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-290"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
FKIE_CVE-2025-5350
Vulnerability from fkie_nvd - Published: 2025-10-24 10:15 - Updated: 2025-11-21 14:33
Severity ?
5.9 (Medium) - CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L
4.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
4.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
Summary
SSRF and Reflected XSS Vulnerabilities exist in multiple WSO2 products within the deprecated Try-It feature, which was accessible only to administrative users. This feature accepted user-supplied URLs without proper validation, leading to server-side request forgery (SSRF). Additionally, the retrieved content was directly reflected in the HTTP response, enabling reflected cross-site scripting (XSS) in the admin user's browser context.
By tricking an administrator into accessing a crafted link, an attacker could force the server to fetch malicious content and reflect it into the admin’s browser, leading to arbitrary JavaScript execution for UI manipulation or data exfiltration. While session cookies are protected with the HttpOnly flag, the XSS still poses a significant security risk.
Furthermore, SSRF can be used by a privileged user to query internal services, potentially aiding in internal network enumeration if the target endpoints are reachable from the affected product.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| wso2 | api_control_plane | 4.5.0 | |
| wso2 | api_manager | 3.1.0 | |
| wso2 | api_manager | 3.2.0 | |
| wso2 | api_manager | 3.2.1 | |
| wso2 | api_manager | 4.0.0 | |
| wso2 | api_manager | 4.1.0 | |
| wso2 | api_manager | 4.2.0 | |
| wso2 | api_manager | 4.3.0 | |
| wso2 | api_manager | 4.4.0 | |
| wso2 | api_manager | 4.5.0 | |
| wso2 | enterprise_integrator | 6.6.0 | |
| wso2 | identity_server | 5.10.0 | |
| wso2 | identity_server | 5.11.0 | |
| wso2 | identity_server | 6.0.0 | |
| wso2 | identity_server | 6.1.0 | |
| wso2 | identity_server | 7.0.0 | |
| wso2 | identity_server | 7.1.0 | |
| wso2 | identity_server_as_key_manager | 5.10.0 | |
| wso2 | open_banking_am | 2.0.0 | |
| wso2 | open_banking_iam | 2.0.0 | |
| wso2 | traffic_manager | 4.5.0 | |
| wso2 | universal_gateway | 4.5.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:api_control_plane:4.5.0:-:*:*:*:*:*:*",
"matchCriteriaId": "DEEA7DB5-BBF7-44A4-9FB6-0D235A44C680",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:api_manager:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1344FB79-0796-445C-A8F3-C03E995925D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:api_manager:3.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E31E32CD-497E-4EF5-B3FC-8718EE06EDAD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:api_manager:3.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B58251E8-606B-47C8-8E50-9F9FC8C179BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:api_manager:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E21D7ABF-C328-425D-B914-618C7628220B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:api_manager:4.1.0:-:*:*:*:*:*:*",
"matchCriteriaId": "51465410-6B7C-40FD-A1AB-A14F650A6AC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:api_manager:4.2.0:-:*:*:*:*:*:*",
"matchCriteriaId": "851470CC-22AB-43E4-9CC6-5E22D49B3572",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:api_manager:4.3.0:-:*:*:*:*:*:*",
"matchCriteriaId": "9EBAB99E-6F0F-4CE9-A954-E8878826304C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:api_manager:4.4.0:-:*:*:*:*:*:*",
"matchCriteriaId": "0B3E6207-B2CF-487C-9CB8-906248B665C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:api_manager:4.5.0:-:*:*:*:*:*:*",
"matchCriteriaId": "D47B760D-5418-4FB0-88F0-3F78BAFF63E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:enterprise_integrator:6.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E4A07C73-3E6B-4CF9-BEB9-39C6081C0332",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:identity_server:5.10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F4F126CA-A2F9-44F4-968B-DF71765869E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:identity_server:5.11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2153AECE-020A-4C01-B2A6-F9F5D98E7EBE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:identity_server:6.0.0:-:*:*:*:*:*:*",
"matchCriteriaId": "32CE7893-AD1A-49E5-BD1A-5E9C2DEB8764",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:identity_server:6.1.0:-:*:*:*:*:*:*",
"matchCriteriaId": "EA76533A-5BED-4BDC-B348-EB3D3FDFB110",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:identity_server:7.0.0:-:*:*:*:*:*:*",
"matchCriteriaId": "C1EFBD0F-9664-4EF3-9908-C72B1318F68F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:identity_server:7.1.0:-:*:*:*:*:*:*",
"matchCriteriaId": "A5358E6E-8C01-408D-8692-B1A326DC630F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:identity_server_as_key_manager:5.10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6BB34405-A2F1-461A-B51B-E103BB3680A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:open_banking_am:2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "94347800-04D2-48C4-ACF0-078A5ACBB063",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:open_banking_iam:2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D7C241A3-8EA0-41E4-ABF3-21B9D8E7A5BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:traffic_manager:4.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C7413107-D7B2-49AE-AC46-52E7BFCD6ED8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:universal_gateway:4.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "61636553-C25E-44DF-93D7-EB3E1056D1DC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "SSRF and Reflected XSS Vulnerabilities exist in multiple WSO2 products within the deprecated Try-It feature, which was accessible only to administrative users. This feature accepted user-supplied URLs without proper validation, leading to server-side request forgery (SSRF). Additionally, the retrieved content was directly reflected in the HTTP response, enabling reflected cross-site scripting (XSS) in the admin user\u0027s browser context.\n\nBy tricking an administrator into accessing a crafted link, an attacker could force the server to fetch malicious content and reflect it into the admin\u2019s browser, leading to arbitrary JavaScript execution for UI manipulation or data exfiltration. While session cookies are protected with the HttpOnly flag, the XSS still poses a significant security risk.\n\nFurthermore, SSRF can be used by a privileged user to query internal services, potentially aiding in internal network enumeration if the target endpoints are reachable from the affected product."
}
],
"id": "CVE-2025-5350",
"lastModified": "2025-11-21T14:33:52.920",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L",
"version": "3.1"
},
"exploitabilityScore": 1.7,
"impactScore": 3.7,
"source": "ed10eef1-636d-4fbe-9993-6890dfa878f8",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2025-10-24T10:15:38.910",
"references": [
{
"source": "ed10eef1-636d-4fbe-9993-6890dfa878f8",
"tags": [
"Vendor Advisory"
],
"url": "https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-4124/"
}
],
"sourceIdentifier": "ed10eef1-636d-4fbe-9993-6890dfa878f8",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
},
{
"lang": "en",
"value": "CWE-918"
}
],
"source": "ed10eef1-636d-4fbe-9993-6890dfa878f8",
"type": "Secondary"
}
]
}
FKIE_CVE-2025-9804
Vulnerability from fkie_nvd - Published: 2025-10-16 13:15 - Updated: 2025-11-21 21:40
Severity ?
9.6 (Critical) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Summary
An improper access control vulnerability exists in multiple WSO2 products due to insufficient permission enforcement in certain internal SOAP Admin Services and System REST APIs. A low-privileged user may exploit this flaw to perform unauthorized operations, including accessing server-level information.
This vulnerability affects only internal administrative interfaces. APIs exposed through the WSO2 API Manager's API Gateway remain unaffected.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:api_control_plane:4.5.0:-:*:*:*:*:*:*",
"matchCriteriaId": "DEEA7DB5-BBF7-44A4-9FB6-0D235A44C680",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:api_manager:2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C6D7E912-B0C4-4AD2-90CF-6355BA9DEEB0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:api_manager:2.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "245D4EB1-F69D-4FAF-94DB-F4B3D3C20539",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:api_manager:2.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6819491F-C6C3-41C1-B27A-0D0B62224977",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:api_manager:2.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0D57C8CF-084D-4142-9AF1-7C9F1261A3BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:api_manager:2.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BC168B6A-B15A-4C3B-A38D-C0B65F24F333",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:api_manager:3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8FF14774-8935-4FC9-B5C8-9771B3D6EBFD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:api_manager:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1344FB79-0796-445C-A8F3-C03E995925D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:api_manager:3.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E31E32CD-497E-4EF5-B3FC-8718EE06EDAD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:api_manager:3.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B58251E8-606B-47C8-8E50-9F9FC8C179BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:api_manager:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E21D7ABF-C328-425D-B914-618C7628220B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:api_manager:4.1.0:-:*:*:*:*:*:*",
"matchCriteriaId": "51465410-6B7C-40FD-A1AB-A14F650A6AC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:api_manager:4.2.0:-:*:*:*:*:*:*",
"matchCriteriaId": "851470CC-22AB-43E4-9CC6-5E22D49B3572",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:api_manager:4.3.0:-:*:*:*:*:*:*",
"matchCriteriaId": "9EBAB99E-6F0F-4CE9-A954-E8878826304C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:api_manager:4.4.0:-:*:*:*:*:*:*",
"matchCriteriaId": "0B3E6207-B2CF-487C-9CB8-906248B665C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:api_manager:4.5.0:-:*:*:*:*:*:*",
"matchCriteriaId": "D47B760D-5418-4FB0-88F0-3F78BAFF63E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:api_manager_analytics:2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2318B757-4BE3-4A45-9337-12281210964E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:api_manager_analytics:2.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2D5DF76F-1578-4C10-AB38-A01979302B3B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:api_manager_analytics:2.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "ADEAF56C-4583-40A6-826F-01AC86191AD7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:api_manager_analytics:2.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "04A2A50A-872E-4CC7-BBB7-3E0956176AAC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:data_analytics_server:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "941D83A5-1978-49AE-890D-E31980E2D6AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:data_analytics_server:3.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5CCDDFAB-C8FC-41C4-9872-667C442F119B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:enterprise_integrator:6.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "66292C25-B0B9-4FCE-9382-57B8F6BB814A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:enterprise_integrator:6.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "709DC7EA-18A6-4B83-84CB-F2499BEB5D2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:enterprise_mobility_manager:2.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A9D6FCEF-7685-42DD-B322-AD87B5F37574",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:enterprise_service_bus:5.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "236C44E3-FAB5-41F2-9884-D17944EBB468",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:identity_server:5.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2689AF3E-01AA-4B79-BA55-6BB3D81E16CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:identity_server:5.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0375C318-ECD2-4657-A0D7-4A0708266FBE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:identity_server:5.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B9E7D773-A7CE-4AB8-828B-C2E7DC2799AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:identity_server:5.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CEA63B98-D4B4-4FCD-A869-FE64BC21A1B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:identity_server:5.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8DA0050E-D5DD-45E5-9F61-DC1BB060EFF0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:identity_server:5.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "26542F95-73F3-4906-838E-A66F5DC9DFA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:identity_server:5.7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "60781FE4-38A3-4FEA-9D8B-CADE4B535974",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:identity_server:5.8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2B169832-A746-49A6-8E92-06624AA9B13A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:identity_server:5.9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "981D701D-E381-484A-9614-CD0EF0331071",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:identity_server:5.10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F4F126CA-A2F9-44F4-968B-DF71765869E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:identity_server:5.11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2153AECE-020A-4C01-B2A6-F9F5D98E7EBE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:identity_server:6.0.0:-:*:*:*:*:*:*",
"matchCriteriaId": "32CE7893-AD1A-49E5-BD1A-5E9C2DEB8764",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:identity_server:6.1.0:-:*:*:*:*:*:*",
"matchCriteriaId": "EA76533A-5BED-4BDC-B348-EB3D3FDFB110",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:identity_server:7.0.0:-:*:*:*:*:*:*",
"matchCriteriaId": "C1EFBD0F-9664-4EF3-9908-C72B1318F68F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:identity_server:7.1.0:-:*:*:*:*:*:*",
"matchCriteriaId": "A5358E6E-8C01-408D-8692-B1A326DC630F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:identity_server_analytics:5.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A1116722-BC4A-4127-9BF5-DB62760BD026",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:identity_server_analytics:5.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D1AB6D32-5BD3-47F0-BDA8-3AEC1C24543F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:identity_server_analytics:5.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "42BFE7A0-A168-4C1E-8725-41DD500C837E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:identity_server_analytics:5.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5508EC5E-BEEA-49A7-BA2E-AEF40ECCB5C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:identity_server_as_key_manager:5.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "104DBA04-538E-4CC5-9B6C-CFEDB40375AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:identity_server_as_key_manager:5.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E4F0F121-700C-4D30-BAFC-960DCC56F08B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:identity_server_as_key_manager:5.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2E5761F7-C287-4EC4-A899-C54FB4E80A35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:identity_server_as_key_manager:5.7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3B184BFC-8E1A-4971-B6D2-C594742AB8CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:identity_server_as_key_manager:5.9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EA51AC1B-0BF6-44F6-B034-CAD4F623DD76",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:identity_server_as_key_manager:5.10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6BB34405-A2F1-461A-B51B-E103BB3680A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:open_banking_am:1.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8CFB56F4-91D1-4FBF-842A-04BB117CAF85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:open_banking_am:1.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "035BF3B3-1AB9-43BC-BB37-68843818EDEA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:open_banking_am:2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "94347800-04D2-48C4-ACF0-078A5ACBB063",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:open_banking_iam:2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D7C241A3-8EA0-41E4-ABF3-21B9D8E7A5BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:open_banking_km:1.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E53783F4-60C7-4A92-8951-F8FD51170670",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:open_banking_km:1.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "535EFD44-F81C-43B2-B595-81429468637F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:traffic_manager:4.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C7413107-D7B2-49AE-AC46-52E7BFCD6ED8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:universal_gateway:4.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "61636553-C25E-44DF-93D7-EB3E1056D1DC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An improper access control vulnerability exists in multiple WSO2 products due to insufficient permission enforcement in certain internal SOAP Admin Services and System REST APIs. A low-privileged user may exploit this flaw to perform unauthorized operations, including accessing server-level information.\n\nThis vulnerability affects only internal administrative interfaces. APIs exposed through the WSO2 API Manager\u0027s API Gateway remain unaffected."
}
],
"id": "CVE-2025-9804",
"lastModified": "2025-11-21T21:40:09.890",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.6,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 6.0,
"source": "ed10eef1-636d-4fbe-9993-6890dfa878f8",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2025-10-16T13:15:42.130",
"references": [
{
"source": "ed10eef1-636d-4fbe-9993-6890dfa878f8",
"tags": [
"Vendor Advisory"
],
"url": "https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-4503/"
}
],
"sourceIdentifier": "ed10eef1-636d-4fbe-9993-6890dfa878f8",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-284"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
FKIE_CVE-2025-10611
Vulnerability from fkie_nvd - Published: 2025-10-16 13:15 - Updated: 2025-11-21 21:38
Severity ?
Summary
Due to an insufficient access control implementation in multiple WSO2 Products, authentication and authorization checks for certain REST APIs can be bypassed, allowing them to be invoked without proper validation.
Successful exploitation of this vulnerability could lead to a malicious actor gaining administrative access and performing unauthenticated and unauthorized administrative operations.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:api_control_plane:4.5.0:-:*:*:*:*:*:*",
"matchCriteriaId": "DEEA7DB5-BBF7-44A4-9FB6-0D235A44C680",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:api_manager:2.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "245D4EB1-F69D-4FAF-94DB-F4B3D3C20539",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:api_manager:2.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6819491F-C6C3-41C1-B27A-0D0B62224977",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:api_manager:2.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0D57C8CF-084D-4142-9AF1-7C9F1261A3BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:api_manager:2.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BC168B6A-B15A-4C3B-A38D-C0B65F24F333",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:api_manager:3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8FF14774-8935-4FC9-B5C8-9771B3D6EBFD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:api_manager:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1344FB79-0796-445C-A8F3-C03E995925D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:api_manager:3.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E31E32CD-497E-4EF5-B3FC-8718EE06EDAD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:api_manager:3.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B58251E8-606B-47C8-8E50-9F9FC8C179BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:api_manager:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E21D7ABF-C328-425D-B914-618C7628220B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:api_manager:4.1.0:-:*:*:*:*:*:*",
"matchCriteriaId": "51465410-6B7C-40FD-A1AB-A14F650A6AC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:api_manager:4.2.0:-:*:*:*:*:*:*",
"matchCriteriaId": "851470CC-22AB-43E4-9CC6-5E22D49B3572",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:api_manager:4.3.0:-:*:*:*:*:*:*",
"matchCriteriaId": "9EBAB99E-6F0F-4CE9-A954-E8878826304C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:api_manager:4.4.0:-:*:*:*:*:*:*",
"matchCriteriaId": "0B3E6207-B2CF-487C-9CB8-906248B665C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:api_manager:4.5.0:-:*:*:*:*:*:*",
"matchCriteriaId": "D47B760D-5418-4FB0-88F0-3F78BAFF63E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:identity_server:5.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0375C318-ECD2-4657-A0D7-4A0708266FBE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:identity_server:5.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8DA0050E-D5DD-45E5-9F61-DC1BB060EFF0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:identity_server:5.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "26542F95-73F3-4906-838E-A66F5DC9DFA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:identity_server:5.7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "60781FE4-38A3-4FEA-9D8B-CADE4B535974",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:identity_server:5.8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2B169832-A746-49A6-8E92-06624AA9B13A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:identity_server:5.9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "981D701D-E381-484A-9614-CD0EF0331071",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:identity_server:5.10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F4F126CA-A2F9-44F4-968B-DF71765869E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:identity_server:5.11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2153AECE-020A-4C01-B2A6-F9F5D98E7EBE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:identity_server:6.0.0:-:*:*:*:*:*:*",
"matchCriteriaId": "32CE7893-AD1A-49E5-BD1A-5E9C2DEB8764",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:identity_server:6.1.0:-:*:*:*:*:*:*",
"matchCriteriaId": "EA76533A-5BED-4BDC-B348-EB3D3FDFB110",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:identity_server:7.0.0:-:*:*:*:*:*:*",
"matchCriteriaId": "C1EFBD0F-9664-4EF3-9908-C72B1318F68F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:identity_server:7.1.0:-:*:*:*:*:*:*",
"matchCriteriaId": "A5358E6E-8C01-408D-8692-B1A326DC630F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:identity_server_as_key_manager:5.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "104DBA04-538E-4CC5-9B6C-CFEDB40375AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:identity_server_as_key_manager:5.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E4F0F121-700C-4D30-BAFC-960DCC56F08B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:identity_server_as_key_manager:5.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2E5761F7-C287-4EC4-A899-C54FB4E80A35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:identity_server_as_key_manager:5.7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3B184BFC-8E1A-4971-B6D2-C594742AB8CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:identity_server_as_key_manager:5.9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EA51AC1B-0BF6-44F6-B034-CAD4F623DD76",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:identity_server_as_key_manager:5.10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6BB34405-A2F1-461A-B51B-E103BB3680A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:open_banking_am:1.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8CFB56F4-91D1-4FBF-842A-04BB117CAF85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:open_banking_am:1.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "035BF3B3-1AB9-43BC-BB37-68843818EDEA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:open_banking_am:2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "94347800-04D2-48C4-ACF0-078A5ACBB063",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:open_banking_iam:2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D7C241A3-8EA0-41E4-ABF3-21B9D8E7A5BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:open_banking_km:1.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E53783F4-60C7-4A92-8951-F8FD51170670",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:open_banking_km:1.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "535EFD44-F81C-43B2-B595-81429468637F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:traffic_manager:4.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C7413107-D7B2-49AE-AC46-52E7BFCD6ED8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:universal_gateway:4.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "61636553-C25E-44DF-93D7-EB3E1056D1DC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Due to an insufficient access control implementation in multiple WSO2 Products, authentication and authorization checks for certain REST APIs can be bypassed, allowing them to be invoked without proper validation.\n\nSuccessful exploitation of this vulnerability could lead to a malicious actor gaining administrative access and performing unauthenticated and unauthorized administrative operations."
}
],
"id": "CVE-2025-10611",
"lastModified": "2025-11-21T21:38:23.433",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "ed10eef1-636d-4fbe-9993-6890dfa878f8",
"type": "Secondary"
}
]
},
"published": "2025-10-16T13:15:40.640",
"references": [
{
"source": "ed10eef1-636d-4fbe-9993-6890dfa878f8",
"tags": [
"Vendor Advisory"
],
"url": "https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-4585/"
}
],
"sourceIdentifier": "ed10eef1-636d-4fbe-9993-6890dfa878f8",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-863"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
FKIE_CVE-2025-1862
Vulnerability from fkie_nvd - Published: 2025-09-26 09:15 - Updated: 2025-10-06 13:43
Severity ?
6.7 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:L
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
An arbitrary file upload vulnerability exists in multiple WSO2 products due to improper validation of user-supplied filenames in the BPEL uploader SOAP service endpoint. A malicious actor with administrative privileges can upload arbitrary files to a user-controlled location on the server.
By leveraging this vulnerability, an attacker can upload a specially crafted payload and achieve remote code execution (RCE), potentially compromising the server and its data.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| wso2 | enterprise_integrator | 6.6.0 | |
| wso2 | identity_server | 5.10.0 | |
| wso2 | identity_server | 5.11.0 | |
| wso2 | identity_server | 6.0.0 | |
| wso2 | identity_server | 6.1.0 | |
| wso2 | identity_server_as_key_manager | 5.10.0 | |
| wso2 | open_banking_iam | 2.0.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:enterprise_integrator:6.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E4A07C73-3E6B-4CF9-BEB9-39C6081C0332",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:identity_server:5.10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F4F126CA-A2F9-44F4-968B-DF71765869E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:identity_server:5.11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2153AECE-020A-4C01-B2A6-F9F5D98E7EBE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:identity_server:6.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7B81C488-69D0-4A5C-AEED-31869C1BF5CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:identity_server:6.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "65CD2558-C60C-4296-8E96-D4D804C598F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:identity_server_as_key_manager:5.10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6BB34405-A2F1-461A-B51B-E103BB3680A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:open_banking_iam:2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D7C241A3-8EA0-41E4-ABF3-21B9D8E7A5BE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An arbitrary file upload vulnerability exists in multiple WSO2 products due to improper validation of user-supplied filenames in the BPEL uploader SOAP service endpoint. A malicious actor with administrative privileges can upload arbitrary files to a user-controlled location on the server.\n\n\nBy leveraging this vulnerability, an attacker can upload a specially crafted payload and achieve remote code execution (RCE), potentially compromising the server and its data."
}
],
"id": "CVE-2025-1862",
"lastModified": "2025-10-06T13:43:41.447",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:L",
"version": "3.1"
},
"exploitabilityScore": 1.2,
"impactScore": 5.5,
"source": "ed10eef1-636d-4fbe-9993-6890dfa878f8",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2025-09-26T09:15:31.687",
"references": [
{
"source": "ed10eef1-636d-4fbe-9993-6890dfa878f8",
"tags": [
"Vendor Advisory"
],
"url": "https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-3992/"
}
],
"sourceIdentifier": "ed10eef1-636d-4fbe-9993-6890dfa878f8",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-434"
}
],
"source": "ed10eef1-636d-4fbe-9993-6890dfa878f8",
"type": "Secondary"
}
]
}
FKIE_CVE-2025-1396
Vulnerability from fkie_nvd - Published: 2025-09-26 08:15 - Updated: 2025-10-06 13:44
Severity ?
3.7 (Low) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Summary
A username enumeration vulnerability exists in multiple WSO2 products when Multi-Attribute Login is enabled. In this configuration, the system returns a distinct "User does not exist" error message to the login form, regardless of the validate_username setting. This behavior allows malicious actors to determine which usernames exist in the system based on observable discrepancies in the application's responses.
Exploitation of this vulnerability could aid in brute-force attacks, targeted phishing campaigns, or other social engineering techniques by confirming the validity of user identifiers within the system.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| wso2 | identity_server | 5.10.0 | |
| wso2 | identity_server | 5.11.0 | |
| wso2 | identity_server | 6.0.0 | |
| wso2 | identity_server | 6.1.0 | |
| wso2 | identity_server_as_key_manager | 5.10.0 | |
| wso2 | open_banking_iam | 2.0.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:identity_server:5.10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F4F126CA-A2F9-44F4-968B-DF71765869E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:identity_server:5.11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2153AECE-020A-4C01-B2A6-F9F5D98E7EBE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:identity_server:6.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7B81C488-69D0-4A5C-AEED-31869C1BF5CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:identity_server:6.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "65CD2558-C60C-4296-8E96-D4D804C598F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:identity_server_as_key_manager:5.10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6BB34405-A2F1-461A-B51B-E103BB3680A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:open_banking_iam:2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D7C241A3-8EA0-41E4-ABF3-21B9D8E7A5BE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A username enumeration vulnerability exists in multiple WSO2 products when Multi-Attribute Login is enabled. In this configuration, the system returns a distinct \"User does not exist\" error message to the login form, regardless of the validate_username setting. This behavior allows malicious actors to determine which usernames exist in the system based on observable discrepancies in the application\u0027s responses.\n\n\nExploitation of this vulnerability could aid in brute-force attacks, targeted phishing campaigns, or other social engineering techniques by confirming the validity of user identifiers within the system."
}
],
"id": "CVE-2025-1396",
"lastModified": "2025-10-06T13:44:11.523",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 1.4,
"source": "ed10eef1-636d-4fbe-9993-6890dfa878f8",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2025-09-26T08:15:38.040",
"references": [
{
"source": "ed10eef1-636d-4fbe-9993-6890dfa878f8",
"tags": [
"Vendor Advisory"
],
"url": "https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-3983/"
}
],
"sourceIdentifier": "ed10eef1-636d-4fbe-9993-6890dfa878f8",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-203"
}
],
"source": "ed10eef1-636d-4fbe-9993-6890dfa878f8",
"type": "Secondary"
}
]
}
FKIE_CVE-2025-0672
Vulnerability from fkie_nvd - Published: 2025-09-23 18:15 - Updated: 2025-10-03 16:38
Severity ?
3.3 (Low) - CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:N
3.8 (Low) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N
3.8 (Low) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N
Summary
An authentication bypass vulnerability exists in multiple WSO2 products when FIDO authentication is enabled. When a user account is deleted, the system does not automatically remove associated FIDO registration data. If a new user account is later created using the same username, the system may associate the new account with the previously registered FIDO device.
This flaw may allow a previously deleted user to authenticate using their FIDO credentials and impersonate the newly created user, resulting in unauthorized access. The vulnerability applies only to deployments that utilize FIDO-based authentication.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| wso2 | identity_server | 5.10.0 | |
| wso2 | identity_server | 5.11.0 | |
| wso2 | identity_server_as_key_manager | 5.10.0 | |
| wso2 | open_banking_iam | 2.0.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:identity_server:5.10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F4F126CA-A2F9-44F4-968B-DF71765869E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:identity_server:5.11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2153AECE-020A-4C01-B2A6-F9F5D98E7EBE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:identity_server_as_key_manager:5.10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6BB34405-A2F1-461A-B51B-E103BB3680A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:open_banking_iam:2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D7C241A3-8EA0-41E4-ABF3-21B9D8E7A5BE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An authentication bypass vulnerability exists in multiple WSO2 products when FIDO authentication is enabled. When a user account is deleted, the system does not automatically remove associated FIDO registration data. If a new user account is later created using the same username, the system may associate the new account with the previously registered FIDO device.\n\nThis flaw may allow a previously deleted user to authenticate using their FIDO credentials and impersonate the newly created user, resulting in unauthorized access. The vulnerability applies only to deployments that utilize FIDO-based authentication."
}
],
"id": "CVE-2025-0672",
"lastModified": "2025-10-03T16:38:03.687",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 0.7,
"impactScore": 2.5,
"source": "ed10eef1-636d-4fbe-9993-6890dfa878f8",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.8,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.2,
"impactScore": 2.5,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2025-09-23T18:15:30.863",
"references": [
{
"source": "ed10eef1-636d-4fbe-9993-6890dfa878f8",
"tags": [
"Vendor Advisory"
],
"url": "https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-3134/"
}
],
"sourceIdentifier": "ed10eef1-636d-4fbe-9993-6890dfa878f8",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-287"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
CVE-2025-10853 (GCVE-0-2025-10853)
Vulnerability from cvelistv5 – Published: 2025-11-05 19:21 – Updated: 2025-11-05 19:58
VLAI?
Summary
A reflected cross-site scripting (XSS) vulnerability exists in the management console of multiple WSO2 products due to improper output encoding. By tampering with specific parameters, a malicious actor can inject arbitrary JavaScript into the response, leading to reflected XSS.
Successful exploitation could result in UI manipulation, redirection to malicious websites, or data theft from the browser. However, session-related sensitive cookies are protected with the httpOnly flag, which mitigates the risk of session hijacking.
Severity ?
5.2 (Medium)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| WSO2 | WSO2 Open Banking IAM |
Unknown:
0 , < 2.0.0
(custom)
Affected: 2.0.0 , < 2.0.0.413 (custom) |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Credits
crnković
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-10853",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-05T19:51:26.535789Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-11-05T19:58:21.875Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "WSO2 Open Banking IAM",
"vendor": "WSO2",
"versions": [
{
"lessThan": "2.0.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "2.0.0.413",
"status": "affected",
"version": "2.0.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 API Manager",
"vendor": "WSO2",
"versions": [
{
"lessThan": "3.1.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "3.1.0.344",
"status": "affected",
"version": "3.1.0",
"versionType": "custom"
},
{
"lessThan": "3.2.0.445",
"status": "affected",
"version": "3.2.0",
"versionType": "custom"
},
{
"lessThan": "3.2.1.65",
"status": "affected",
"version": "3.2.1",
"versionType": "custom"
},
{
"lessThan": "4.0.0.365",
"status": "affected",
"version": "4.0.0",
"versionType": "custom"
},
{
"lessThan": "4.1.0.227",
"status": "affected",
"version": "4.1.0",
"versionType": "custom"
},
{
"lessThan": "4.2.0.167",
"status": "affected",
"version": "4.2.0",
"versionType": "custom"
},
{
"lessThan": "4.3.0.79",
"status": "affected",
"version": "4.3.0",
"versionType": "custom"
},
{
"lessThan": "4.4.0.43",
"status": "affected",
"version": "4.4.0",
"versionType": "custom"
},
{
"lessThan": "4.5.0.26",
"status": "affected",
"version": "4.5.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Identity Server",
"vendor": "WSO2",
"versions": [
{
"lessThan": "5.10.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "5.10.0.373",
"status": "affected",
"version": "5.10.0",
"versionType": "custom"
},
{
"lessThan": "5.11.0.417",
"status": "affected",
"version": "5.11.0",
"versionType": "custom"
},
{
"lessThan": "6.0.0.247",
"status": "affected",
"version": "6.0.0",
"versionType": "custom"
},
{
"lessThan": "6.1.0.246",
"status": "affected",
"version": "6.1.0",
"versionType": "custom"
},
{
"lessThan": "7.0.0.122",
"status": "affected",
"version": "7.0.0",
"versionType": "custom"
},
{
"lessThan": "7.1.0.29",
"status": "affected",
"version": "7.1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Open Banking AM",
"vendor": "WSO2",
"versions": [
{
"lessThan": "2.0.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "2.0.0.393",
"status": "affected",
"version": "2.0.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Identity Server as Key Manager",
"vendor": "WSO2",
"versions": [
{
"lessThan": "5.10.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "5.10.0.363",
"status": "affected",
"version": "5.10.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Enterprise Integrator",
"vendor": "WSO2",
"versions": [
{
"lessThan": "6.6.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "6.6.0.223",
"status": "affected",
"version": "6.6.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 API Control Plane",
"vendor": "WSO2",
"versions": [
{
"lessThan": "4.5.0.27",
"status": "affected",
"version": "4.5.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Universal Gateway",
"vendor": "WSO2",
"versions": [
{
"lessThan": "4.5.0.25",
"status": "affected",
"version": "4.5.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Traffic Manager",
"vendor": "WSO2",
"versions": [
{
"lessThan": "4.5.0.25",
"status": "affected",
"version": "4.5.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"packageName": "org.wso2.carbon.registry:org.wso2.carbon.registry.info.ui",
"product": "org.wso2.carbon.registry:org.wso2.carbon.registry.info.ui",
"vendor": "WSO2",
"versions": [
{
"lessThan": "4.7.32.14",
"status": "affected",
"version": "4.7.32",
"versionType": "custom"
},
{
"lessThan": "4.7.35.11",
"status": "affected",
"version": "4.7.35",
"versionType": "custom"
},
{
"lessThan": "4.7.39.9",
"status": "affected",
"version": "4.7.39",
"versionType": "custom"
},
{
"lessThan": "4.7.51.4",
"status": "affected",
"version": "4.7.51",
"versionType": "custom"
},
{
"lessThan": "4.8.3.9",
"status": "affected",
"version": "4.8.3",
"versionType": "custom"
},
{
"lessThan": "4.8.13.6",
"status": "affected",
"version": "4.8.13",
"versionType": "custom"
},
{
"lessThan": "4.8.32.3",
"status": "affected",
"version": "4.8.32",
"versionType": "custom"
},
{
"lessThan": "4.8.36.1",
"status": "affected",
"version": "4.8.36",
"versionType": "custom"
},
{
"lessThan": "4.8.43.1",
"status": "affected",
"version": "4.8.43",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "4.8.47",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"packageName": "org.wso2.carbon.registry:org.wso2.carbon.registry.resource.ui",
"product": "org.wso2.carbon.registry:org.wso2.carbon.registry.resource.ui",
"vendor": "WSO2",
"versions": [
{
"lessThan": "4.7.24.7",
"status": "affected",
"version": "4.7.24",
"versionType": "custom"
},
{
"lessThan": "4.7.32.14",
"status": "affected",
"version": "4.7.32",
"versionType": "custom"
},
{
"lessThan": "4.7.33.13",
"status": "affected",
"version": "4.7.33",
"versionType": "custom"
},
{
"lessThan": "4.7.35.11",
"status": "affected",
"version": "4.7.35",
"versionType": "custom"
},
{
"lessThan": "4.7.39.9",
"status": "affected",
"version": "4.7.39",
"versionType": "custom"
},
{
"lessThan": "4.7.51.4",
"status": "affected",
"version": "4.7.51",
"versionType": "custom"
},
{
"lessThan": "4.8.3.9",
"status": "affected",
"version": "4.8.3",
"versionType": "custom"
},
{
"lessThan": "4.8.9.5",
"status": "affected",
"version": "4.8.9",
"versionType": "custom"
},
{
"lessThan": "4.8.12.5",
"status": "affected",
"version": "4.8.12",
"versionType": "custom"
},
{
"lessThan": "4.8.13.6",
"status": "affected",
"version": "4.8.13",
"versionType": "custom"
},
{
"lessThan": "4.8.24.3",
"status": "affected",
"version": "4.8.24",
"versionType": "custom"
},
{
"lessThan": "4.8.32.3",
"status": "affected",
"version": "4.8.32",
"versionType": "custom"
},
{
"lessThan": "4.8.36.1",
"status": "affected",
"version": "4.8.36",
"versionType": "custom"
},
{
"lessThan": "4.8.43.1",
"status": "affected",
"version": "4.8.43",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "4.8.47",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"packageName": "org.wso2.carbon.governance:org.wso2.carbon.governance.wsdltool.ui",
"product": "org.wso2.carbon.governance:org.wso2.carbon.governance.wsdltool.ui",
"vendor": "WSO2",
"versions": [
{
"lessThan": "4.8.19.5",
"status": "affected",
"version": "4.8.19",
"versionType": "custom"
},
{
"lessThan": "4.8.21.9",
"status": "affected",
"version": "4.8.21",
"versionType": "custom"
},
{
"lessThan": "4.8.28.3",
"status": "affected",
"version": "4.8.28",
"versionType": "custom"
},
{
"lessThan": "4.8.30.3",
"status": "affected",
"version": "4.8.30",
"versionType": "custom"
},
{
"lessThan": "4.8.32.1",
"status": "affected",
"version": "4.8.32",
"versionType": "custom"
},
{
"lessThan": "4.8.33.3",
"status": "affected",
"version": "4.8.33",
"versionType": "custom"
},
{
"lessThan": "4.8.34.3",
"status": "affected",
"version": "4.8.34",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "4.8.35",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"packageName": "org.wso2.carbon.identity.inbound.auth.oauth2:org.wso2.carbon.identity.oauth.ui",
"product": "org.wso2.carbon.identity.inbound.auth.oauth2:org.wso2.carbon.identity.oauth.ui",
"vendor": "WSO2",
"versions": [
{
"lessThan": "6.4.2.165",
"status": "affected",
"version": "6.4.2",
"versionType": "custom"
},
{
"lessThan": "6.4.111.155",
"status": "affected",
"version": "6.4.111",
"versionType": "custom"
},
{
"lessThan": "6.4.176.28",
"status": "affected",
"version": "6.4.176",
"versionType": "custom"
},
{
"lessThan": "6.4.180.12",
"status": "affected",
"version": "6.4.180",
"versionType": "custom"
},
{
"lessThan": "6.9.6.26",
"status": "affected",
"version": "6.9.6",
"versionType": "custom"
},
{
"lessThan": "6.13.16.19",
"status": "affected",
"version": "6.13.16",
"versionType": "custom"
},
{
"lessThan": "6.13.19.12",
"status": "affected",
"version": "6.13.19",
"versionType": "custom"
},
{
"lessThan": "6.13.27.5",
"status": "affected",
"version": "6.13.27",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.13.*",
"status": "unaffected",
"version": "6.13.38",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "7.0.349",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:wso2_open_banking_iam:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.0.0.413",
"versionStartIncluding": "2.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.1.0.344",
"versionStartIncluding": "3.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.2.0.445",
"versionStartIncluding": "3.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.2.1.65",
"versionStartIncluding": "3.2.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.0.0.365",
"versionStartIncluding": "4.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.1.0.227",
"versionStartIncluding": "4.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.2.0.167",
"versionStartIncluding": "4.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.3.0.79",
"versionStartIncluding": "4.3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.4.0.43",
"versionStartIncluding": "4.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.5.0.26",
"versionStartIncluding": "4.5.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:wso2_identity_server:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.10.0.373",
"versionStartIncluding": "5.10.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_identity_server:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.11.0.417",
"versionStartIncluding": "5.11.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_identity_server:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.0.0.247",
"versionStartIncluding": "6.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_identity_server:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.1.0.246",
"versionStartIncluding": "6.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_identity_server:*:*:*:*:*:*:*:*",
"versionEndExcluding": "7.0.0.122",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_identity_server:*:*:*:*:*:*:*:*",
"versionEndExcluding": "7.1.0.29",
"versionStartIncluding": "7.1.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:wso2_open_banking_am:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.0.0.393",
"versionStartIncluding": "2.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:wso2_identity_server_as_key_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.10.0.363",
"versionStartIncluding": "5.10.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:wso2_enterprise_integrator:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.6.0.223",
"versionStartIncluding": "6.6.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:wso2_api_control_plane:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.5.0.27",
"versionStartIncluding": "4.5.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:wso2_universal_gateway:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.5.0.25",
"versionStartIncluding": "4.5.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:wso2_traffic_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.5.0.25",
"versionStartIncluding": "4.5.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.registry_org.wso2.carbon.registry.info.ui:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.7.32.14",
"versionStartIncluding": "4.7.32",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.registry_org.wso2.carbon.registry.info.ui:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.7.35.11",
"versionStartIncluding": "4.7.35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.registry_org.wso2.carbon.registry.info.ui:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.7.39.9",
"versionStartIncluding": "4.7.39",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.registry_org.wso2.carbon.registry.info.ui:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.7.51.4",
"versionStartIncluding": "4.7.51",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.registry_org.wso2.carbon.registry.info.ui:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.8.3.9",
"versionStartIncluding": "4.8.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.registry_org.wso2.carbon.registry.info.ui:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.8.13.6",
"versionStartIncluding": "4.8.13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.registry_org.wso2.carbon.registry.info.ui:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.8.32.3",
"versionStartIncluding": "4.8.32",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.registry_org.wso2.carbon.registry.info.ui:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.8.36.1",
"versionStartIncluding": "4.8.36",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.registry_org.wso2.carbon.registry.info.ui:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.8.43.1",
"versionStartIncluding": "4.8.43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.registry_org.wso2.carbon.registry.info.ui:*:*:*:*:*:*:*:*",
"versionEndIncluding": "*",
"versionStartIncluding": "4.8.47",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.registry_org.wso2.carbon.registry.resource.ui:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.7.24.7",
"versionStartIncluding": "4.7.24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.registry_org.wso2.carbon.registry.resource.ui:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.7.32.14",
"versionStartIncluding": "4.7.32",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.registry_org.wso2.carbon.registry.resource.ui:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.7.33.13",
"versionStartIncluding": "4.7.33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.registry_org.wso2.carbon.registry.resource.ui:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.7.35.11",
"versionStartIncluding": "4.7.35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.registry_org.wso2.carbon.registry.resource.ui:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.7.39.9",
"versionStartIncluding": "4.7.39",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.registry_org.wso2.carbon.registry.resource.ui:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.7.51.4",
"versionStartIncluding": "4.7.51",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.registry_org.wso2.carbon.registry.resource.ui:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.8.3.9",
"versionStartIncluding": "4.8.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.registry_org.wso2.carbon.registry.resource.ui:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.8.9.5",
"versionStartIncluding": "4.8.9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.registry_org.wso2.carbon.registry.resource.ui:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.8.12.5",
"versionStartIncluding": "4.8.12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.registry_org.wso2.carbon.registry.resource.ui:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.8.13.6",
"versionStartIncluding": "4.8.13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.registry_org.wso2.carbon.registry.resource.ui:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.8.24.3",
"versionStartIncluding": "4.8.24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.registry_org.wso2.carbon.registry.resource.ui:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.8.32.3",
"versionStartIncluding": "4.8.32",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.registry_org.wso2.carbon.registry.resource.ui:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.8.36.1",
"versionStartIncluding": "4.8.36",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.registry_org.wso2.carbon.registry.resource.ui:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.8.43.1",
"versionStartIncluding": "4.8.43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.registry_org.wso2.carbon.registry.resource.ui:*:*:*:*:*:*:*:*",
"versionEndIncluding": "*",
"versionStartIncluding": "4.8.47",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.governance_org.wso2.carbon.governance.wsdltool.ui:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.8.19.5",
"versionStartIncluding": "4.8.19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.governance_org.wso2.carbon.governance.wsdltool.ui:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.8.21.9",
"versionStartIncluding": "4.8.21",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.governance_org.wso2.carbon.governance.wsdltool.ui:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.8.28.3",
"versionStartIncluding": "4.8.28",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.governance_org.wso2.carbon.governance.wsdltool.ui:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.8.30.3",
"versionStartIncluding": "4.8.30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.governance_org.wso2.carbon.governance.wsdltool.ui:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.8.32.1",
"versionStartIncluding": "4.8.32",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.governance_org.wso2.carbon.governance.wsdltool.ui:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.8.33.3",
"versionStartIncluding": "4.8.33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.governance_org.wso2.carbon.governance.wsdltool.ui:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.8.34.3",
"versionStartIncluding": "4.8.34",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.governance_org.wso2.carbon.governance.wsdltool.ui:*:*:*:*:*:*:*:*",
"versionEndIncluding": "*",
"versionStartIncluding": "4.8.35",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.identity.inbound.auth.oauth2_org.wso2.carbon.identity.oauth.ui:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.4.2.165",
"versionStartIncluding": "6.4.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.identity.inbound.auth.oauth2_org.wso2.carbon.identity.oauth.ui:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.4.111.155",
"versionStartIncluding": "6.4.111",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.identity.inbound.auth.oauth2_org.wso2.carbon.identity.oauth.ui:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.4.176.28",
"versionStartIncluding": "6.4.176",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.identity.inbound.auth.oauth2_org.wso2.carbon.identity.oauth.ui:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.4.180.12",
"versionStartIncluding": "6.4.180",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.identity.inbound.auth.oauth2_org.wso2.carbon.identity.oauth.ui:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.9.6.26",
"versionStartIncluding": "6.9.6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.identity.inbound.auth.oauth2_org.wso2.carbon.identity.oauth.ui:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.13.16.19",
"versionStartIncluding": "6.13.16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.identity.inbound.auth.oauth2_org.wso2.carbon.identity.oauth.ui:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.13.19.12",
"versionStartIncluding": "6.13.19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.identity.inbound.auth.oauth2_org.wso2.carbon.identity.oauth.ui:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.13.27.5",
"versionStartIncluding": "6.13.27",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.identity.inbound.auth.oauth2_org.wso2.carbon.identity.oauth.ui:*:*:*:*:*:*:*:*",
"versionEndIncluding": "6.13.*",
"versionStartIncluding": "6.13.38",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.identity.inbound.auth.oauth2_org.wso2.carbon.identity.oauth.ui:*:*:*:*:*:*:*:*",
"versionEndIncluding": "*",
"versionStartIncluding": "7.0.349",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "crnkovi\u0107"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A reflected cross-site scripting (XSS) vulnerability exists in the management console of multiple WSO2 products due to improper output encoding. By tampering with specific parameters, a malicious actor can inject arbitrary JavaScript into the response, leading to reflected XSS.\u003cbr\u003e\u003cbr\u003eSuccessful exploitation could result in UI manipulation, redirection to malicious websites, or data theft from the browser. However, session-related sensitive cookies are protected with the httpOnly flag, which mitigates the risk of session hijacking."
}
],
"value": "A reflected cross-site scripting (XSS) vulnerability exists in the management console of multiple WSO2 products due to improper output encoding. By tampering with specific parameters, a malicious actor can inject arbitrary JavaScript into the response, leading to reflected XSS.\n\nSuccessful exploitation could result in UI manipulation, redirection to malicious websites, or data theft from the browser. However, session-related sensitive cookies are protected with the httpOnly flag, which mitigates the risk of session hijacking."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or \u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-05T19:21:32.971Z",
"orgId": "ed10eef1-636d-4fbe-9993-6890dfa878f8",
"shortName": "WSO2"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-4486/"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: transparent;\"\u003eFollow the instructions given on \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-4486/#solution\"\u003e\u003cspan style=\"background-color: transparent;\"\u003ehttps://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-4486/#solution\u003c/span\u003e\u003c/a\u003e \u003cbr\u003e"
}
],
"value": "Follow the instructions given on https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-4486/#solution"
}
],
"source": {
"advisory": "WSO2-2025-4486",
"discovery": "EXTERNAL"
},
"title": "Reflected Cross-Site Scripting (XSS) in Management Console of Multiple WSO2 Products Due to Improper Output Encoding",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "ed10eef1-636d-4fbe-9993-6890dfa878f8",
"assignerShortName": "WSO2",
"cveId": "CVE-2025-10853",
"datePublished": "2025-11-05T19:21:32.971Z",
"dateReserved": "2025-09-22T10:42:09.872Z",
"dateUpdated": "2025-11-05T19:58:21.875Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-10907 (GCVE-0-2025-10907)
Vulnerability from cvelistv5 – Published: 2025-11-05 18:03 – Updated: 2025-11-05 18:49
VLAI?
Summary
An arbitrary file upload vulnerability exists in multiple WSO2 products due to insufficient validation of uploaded content and destination in SOAP admin services. A malicious actor with administrative privileges can upload a specially crafted file to a user-controlled location within the deployment.
Successful exploitation may lead to remote code execution (RCE) on the server, depending on how the uploaded file is processed. By default, this vulnerability is only exploitable by users with administrative access to the affected SOAP services.
Severity ?
8.4 (High)
CWE
- CWE-434 - Unrestricted Upload of File with Dangerous Type
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| WSO2 | WSO2 API Manager |
Unknown:
0 , < 3.1.0
(custom)
Affected: 3.1.0 , < 3.1.0.345 (custom) Affected: 3.2.0 , < 3.2.0.448 (custom) Affected: 3.2.1 , < 3.2.1.66 (custom) Affected: 4.0.0 , < 4.0.0.367 (custom) Affected: 4.1.0 , < 4.1.0.230 (custom) Affected: 4.2.0 , < 4.2.0.169 (custom) Affected: 4.3.0 , < 4.3.0.81 (custom) Affected: 4.4.0 , < 4.4.0.45 (custom) Affected: 4.5.0 , < 4.5.0.28 (custom) |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Credits
crnković
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-10907",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-05T18:49:26.232581Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-11-05T18:49:44.604Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "WSO2 API Manager",
"vendor": "WSO2",
"versions": [
{
"lessThan": "3.1.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "3.1.0.345",
"status": "affected",
"version": "3.1.0",
"versionType": "custom"
},
{
"lessThan": "3.2.0.448",
"status": "affected",
"version": "3.2.0",
"versionType": "custom"
},
{
"lessThan": "3.2.1.66",
"status": "affected",
"version": "3.2.1",
"versionType": "custom"
},
{
"lessThan": "4.0.0.367",
"status": "affected",
"version": "4.0.0",
"versionType": "custom"
},
{
"lessThan": "4.1.0.230",
"status": "affected",
"version": "4.1.0",
"versionType": "custom"
},
{
"lessThan": "4.2.0.169",
"status": "affected",
"version": "4.2.0",
"versionType": "custom"
},
{
"lessThan": "4.3.0.81",
"status": "affected",
"version": "4.3.0",
"versionType": "custom"
},
{
"lessThan": "4.4.0.45",
"status": "affected",
"version": "4.4.0",
"versionType": "custom"
},
{
"lessThan": "4.5.0.28",
"status": "affected",
"version": "4.5.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Open Banking IAM",
"vendor": "WSO2",
"versions": [
{
"lessThan": "2.0.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "2.0.0.414",
"status": "affected",
"version": "2.0.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Open Banking AM",
"vendor": "WSO2",
"versions": [
{
"lessThan": "2.0.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "2.0.0.394",
"status": "affected",
"version": "2.0.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 API Control Plane",
"vendor": "WSO2",
"versions": [
{
"lessThan": "4.5.0.29",
"status": "affected",
"version": "4.5.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Universal Gateway",
"vendor": "WSO2",
"versions": [
{
"lessThan": "4.5.0.27",
"status": "affected",
"version": "4.5.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Traffic Manager",
"vendor": "WSO2",
"versions": [
{
"lessThan": "4.5.0.27",
"status": "affected",
"version": "4.5.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Micro Integrator",
"vendor": "WSO2",
"versions": [
{
"lessThan": "4.0.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "4.0.0.145",
"status": "affected",
"version": "4.0.0",
"versionType": "custom"
},
{
"lessThan": "4.1.0.147",
"status": "affected",
"version": "4.1.0",
"versionType": "custom"
},
{
"lessThan": "4.2.0.141",
"status": "affected",
"version": "4.2.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Identity Server",
"vendor": "WSO2",
"versions": [
{
"lessThan": "5.10.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "5.10.0.375",
"status": "affected",
"version": "5.10.0",
"versionType": "custom"
},
{
"lessThan": "5.11.0.419",
"status": "affected",
"version": "5.11.0",
"versionType": "custom"
},
{
"lessThan": "6.0.0.248",
"status": "affected",
"version": "6.0.0",
"versionType": "custom"
},
{
"lessThan": "6.1.0.248",
"status": "affected",
"version": "6.1.0",
"versionType": "custom"
},
{
"lessThan": "7.0.0.124",
"status": "affected",
"version": "7.0.0",
"versionType": "custom"
},
{
"lessThan": "7.1.0.31",
"status": "affected",
"version": "7.1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Identity Server as Key Manager",
"vendor": "WSO2",
"versions": [
{
"lessThan": "5.10.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "5.10.0.365",
"status": "affected",
"version": "5.10.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Enterprise Integrator",
"vendor": "WSO2",
"versions": [
{
"lessThan": "6.6.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "6.6.0.224",
"status": "affected",
"version": "6.6.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"packageName": "org.jaggeryjs:org.jaggeryjs.jaggery.app.mgt",
"product": "org.jaggeryjs:org.jaggeryjs.jaggery.app.mgt",
"vendor": "WSO2",
"versions": [
{
"lessThan": "0.14.13.8",
"status": "affected",
"version": "0.14.13",
"versionType": "custom"
},
{
"lessThan": "0.14.16.1",
"status": "affected",
"version": "0.14.16",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"packageName": "org.wso2.carbon.event-processing:org.wso2.carbon.event.simulator.core",
"product": "org.wso2.carbon.event-processing:org.wso2.carbon.event.simulator.core",
"vendor": "WSO2",
"versions": [
{
"lessThan": "2.2.14.7",
"status": "affected",
"version": "2.2.14",
"versionType": "custom"
},
{
"lessThan": "2.2.17.2",
"status": "affected",
"version": "2.2.17",
"versionType": "custom"
},
{
"lessThan": "2.3.1.3",
"status": "affected",
"version": "2.3.1",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "2.3.19",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"packageName": "org.wso2.carbon.mediation:org.wso2.carbon.mediation.library",
"product": "org.wso2.carbon.mediation:org.wso2.carbon.mediation.library",
"vendor": "WSO2",
"versions": [
{
"lessThan": "4.7.30.47",
"status": "affected",
"version": "4.7.30",
"versionType": "custom"
},
{
"lessThan": "4.7.61.62",
"status": "affected",
"version": "4.7.61",
"versionType": "custom"
},
{
"lessThan": "4.7.99.304",
"status": "affected",
"version": "4.7.99",
"versionType": "custom"
},
{
"lessThan": "4.7.131.22",
"status": "affected",
"version": "4.7.131",
"versionType": "custom"
},
{
"lessThan": "4.7.175.30",
"status": "affected",
"version": "4.7.175",
"versionType": "custom"
},
{
"lessThan": "4.7.188.12",
"status": "affected",
"version": "4.7.188",
"versionType": "custom"
},
{
"lessThan": "4.7.204.13",
"status": "affected",
"version": "4.7.204",
"versionType": "custom"
},
{
"lessThan": "4.7.221.7",
"status": "affected",
"version": "4.7.221",
"versionType": "custom"
},
{
"lessThan": "4.7.245.7",
"status": "affected",
"version": "4.7.245",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "4.7.262",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"packageName": "org.wso2.carbon.deployment:org.wso2.carbon.module.mgt",
"product": "org.wso2.carbon.deployment:org.wso2.carbon.module.mgt",
"vendor": "WSO2",
"versions": [
{
"lessThan": "4.9.15.2",
"status": "affected",
"version": "4.9.15",
"versionType": "custom"
},
{
"lessThan": "4.10.1.1",
"status": "affected",
"version": "4.10.1",
"versionType": "custom"
},
{
"lessThan": "4.10.9.2",
"status": "affected",
"version": "4.10.9",
"versionType": "custom"
},
{
"lessThan": "4.11.1.3",
"status": "affected",
"version": "4.11.1",
"versionType": "custom"
},
{
"lessThan": "4.11.3.3",
"status": "affected",
"version": "4.11.3",
"versionType": "custom"
},
{
"lessThan": "4.11.7.5",
"status": "affected",
"version": "4.11.7",
"versionType": "custom"
},
{
"lessThan": "4.11.14.2",
"status": "affected",
"version": "4.11.14",
"versionType": "custom"
},
{
"lessThan": "4.11.17.3",
"status": "affected",
"version": "4.11.17",
"versionType": "custom"
},
{
"lessThan": "4.11.18.1",
"status": "affected",
"version": "4.11.18",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "4.11.24",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"packageName": "org.wso2.carbon.deployment:org.wso2.carbon.webapp.mgt",
"product": "org.wso2.carbon.deployment:org.wso2.carbon.webapp.mgt",
"vendor": "WSO2",
"versions": [
{
"lessThan": "4.10.1.1",
"status": "affected",
"version": "4.10.1",
"versionType": "custom"
},
{
"lessThan": "4.10.9.2",
"status": "affected",
"version": "4.10.9",
"versionType": "custom"
},
{
"lessThan": "4.11.1.3",
"status": "affected",
"version": "4.11.1",
"versionType": "custom"
},
{
"lessThan": "4.11.3.3",
"status": "affected",
"version": "4.11.3",
"versionType": "custom"
},
{
"lessThan": "4.11.7.5",
"status": "affected",
"version": "4.11.7",
"versionType": "custom"
},
{
"lessThan": "4.11.14.2",
"status": "affected",
"version": "4.11.14",
"versionType": "custom"
},
{
"lessThan": "4.11.17.3",
"status": "affected",
"version": "4.11.17",
"versionType": "custom"
},
{
"lessThan": "4.11.18.1",
"status": "affected",
"version": "4.11.18",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "4.11.24",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"packageName": "org.apache.ws.commons.axiom.wso2:axiom",
"product": "org.apache.ws.commons.axiom.wso2:axiom",
"vendor": "WSO2",
"versions": [
{
"lessThan": "1.2.11.wso2v17_5",
"status": "affected",
"version": "1.2.11",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "1.2.11-wso2v21",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"packageName": "org.wso2.carbon:org.wso2.carbon.base",
"product": "org.wso2.carbon:org.wso2.carbon.base",
"vendor": "WSO2",
"versions": [
{
"lessThan": "4.5.3.46",
"status": "affected",
"version": "4.5.3",
"versionType": "custom"
},
{
"lessThan": "4.6.0.2005",
"status": "affected",
"version": "4.6.0",
"versionType": "custom"
},
{
"lessThan": "4.6.1.153",
"status": "affected",
"version": "4.6.1",
"versionType": "custom"
},
{
"lessThan": "4.6.2.668",
"status": "affected",
"version": "4.6.2",
"versionType": "custom"
},
{
"lessThan": "4.6.3.37",
"status": "affected",
"version": "4.6.3",
"versionType": "custom"
},
{
"lessThan": "4.6.4.15",
"status": "affected",
"version": "4.6.4",
"versionType": "custom"
},
{
"lessThan": "4.7.1.72",
"status": "affected",
"version": "4.7.1",
"versionType": "custom"
},
{
"lessThan": "4.8.1.40",
"status": "affected",
"version": "4.8.1",
"versionType": "custom"
},
{
"lessThan": "4.9.0.103",
"status": "affected",
"version": "4.9.0",
"versionType": "custom"
},
{
"lessThan": "4.9.26.26",
"status": "affected",
"version": "4.9.26",
"versionType": "custom"
},
{
"lessThan": "4.9.27.11",
"status": "affected",
"version": "4.9.27",
"versionType": "custom"
},
{
"lessThan": "4.9.28.12",
"status": "affected",
"version": "4.9.28",
"versionType": "custom"
},
{
"lessThan": "4.10.9.71",
"status": "affected",
"version": "4.10.9",
"versionType": "custom"
},
{
"lessThan": "4.10.42.14",
"status": "affected",
"version": "4.10.42",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.9.*",
"status": "unaffected",
"version": "4.9.30",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "4.10.95",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"packageName": "org.wso2.carbon:org.wso2.carbon.utils",
"product": "org.wso2.carbon:org.wso2.carbon.utils",
"vendor": "WSO2",
"versions": [
{
"lessThan": "4.5.3.46",
"status": "affected",
"version": "4.5.3",
"versionType": "custom"
},
{
"lessThan": "4.6.0.2005",
"status": "affected",
"version": "4.6.0",
"versionType": "custom"
},
{
"lessThan": "4.6.1.153",
"status": "affected",
"version": "4.6.1",
"versionType": "custom"
},
{
"lessThan": "4.6.2.668",
"status": "affected",
"version": "4.6.2",
"versionType": "custom"
},
{
"lessThan": "4.6.3.37",
"status": "affected",
"version": "4.6.3",
"versionType": "custom"
},
{
"lessThan": "4.6.4.15",
"status": "affected",
"version": "4.6.4",
"versionType": "custom"
},
{
"lessThan": "4.7.1.72",
"status": "affected",
"version": "4.7.1",
"versionType": "custom"
},
{
"lessThan": "4.8.1.40",
"status": "affected",
"version": "4.8.1",
"versionType": "custom"
},
{
"lessThan": "4.9.0.103",
"status": "affected",
"version": "4.9.0",
"versionType": "custom"
},
{
"lessThan": "4.9.26.26",
"status": "affected",
"version": "4.9.26",
"versionType": "custom"
},
{
"lessThan": "4.9.27.11",
"status": "affected",
"version": "4.9.27",
"versionType": "custom"
},
{
"lessThan": "4.9.28.12",
"status": "affected",
"version": "4.9.28",
"versionType": "custom"
},
{
"lessThan": "4.10.9.71",
"status": "affected",
"version": "4.10.9",
"versionType": "custom"
},
{
"lessThan": "4.10.42.14",
"status": "affected",
"version": "4.10.42",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.9.*",
"status": "unaffected",
"version": "4.9.30",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "4.10.95",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.1.0.345",
"versionStartIncluding": "3.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.2.0.448",
"versionStartIncluding": "3.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.2.1.66",
"versionStartIncluding": "3.2.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.0.0.367",
"versionStartIncluding": "4.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.1.0.230",
"versionStartIncluding": "4.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.2.0.169",
"versionStartIncluding": "4.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.3.0.81",
"versionStartIncluding": "4.3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.4.0.45",
"versionStartIncluding": "4.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.5.0.28",
"versionStartIncluding": "4.5.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:wso2_open_banking_iam:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.0.0.414",
"versionStartIncluding": "2.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:wso2_open_banking_am:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.0.0.394",
"versionStartIncluding": "2.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:wso2_api_control_plane:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.5.0.29",
"versionStartIncluding": "4.5.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:wso2_universal_gateway:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.5.0.27",
"versionStartIncluding": "4.5.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:wso2_traffic_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.5.0.27",
"versionStartIncluding": "4.5.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:wso2_micro_integrator:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.0.0.145",
"versionStartIncluding": "4.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_micro_integrator:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.1.0.147",
"versionStartIncluding": "4.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_micro_integrator:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.2.0.141",
"versionStartIncluding": "4.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:wso2_identity_server:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.10.0.375",
"versionStartIncluding": "5.10.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_identity_server:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.11.0.419",
"versionStartIncluding": "5.11.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_identity_server:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.0.0.248",
"versionStartIncluding": "6.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_identity_server:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.1.0.248",
"versionStartIncluding": "6.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_identity_server:*:*:*:*:*:*:*:*",
"versionEndExcluding": "7.0.0.124",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_identity_server:*:*:*:*:*:*:*:*",
"versionEndExcluding": "7.1.0.31",
"versionStartIncluding": "7.1.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:wso2_identity_server_as_key_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.10.0.365",
"versionStartIncluding": "5.10.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:wso2_enterprise_integrator:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.6.0.224",
"versionStartIncluding": "6.6.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:org.jaggeryjs_org.jaggeryjs.jaggery.app.mgt:*:*:*:*:*:*:*:*",
"versionEndExcluding": "0.14.13.8",
"versionStartIncluding": "0.14.13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.jaggeryjs_org.jaggeryjs.jaggery.app.mgt:*:*:*:*:*:*:*:*",
"versionEndExcluding": "0.14.16.1",
"versionStartIncluding": "0.14.16",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.event-processing_org.wso2.carbon.event.simulator.core:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.2.14.7",
"versionStartIncluding": "2.2.14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.event-processing_org.wso2.carbon.event.simulator.core:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.2.17.2",
"versionStartIncluding": "2.2.17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.event-processing_org.wso2.carbon.event.simulator.core:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.3.1.3",
"versionStartIncluding": "2.3.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.event-processing_org.wso2.carbon.event.simulator.core:*:*:*:*:*:*:*:*",
"versionEndIncluding": "*",
"versionStartIncluding": "2.3.19",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.mediation_org.wso2.carbon.mediation.library:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.7.30.47",
"versionStartIncluding": "4.7.30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.mediation_org.wso2.carbon.mediation.library:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.7.61.62",
"versionStartIncluding": "4.7.61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.mediation_org.wso2.carbon.mediation.library:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.7.99.304",
"versionStartIncluding": "4.7.99",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.mediation_org.wso2.carbon.mediation.library:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.7.131.22",
"versionStartIncluding": "4.7.131",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.mediation_org.wso2.carbon.mediation.library:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.7.175.30",
"versionStartIncluding": "4.7.175",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.mediation_org.wso2.carbon.mediation.library:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.7.188.12",
"versionStartIncluding": "4.7.188",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.mediation_org.wso2.carbon.mediation.library:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.7.204.13",
"versionStartIncluding": "4.7.204",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.mediation_org.wso2.carbon.mediation.library:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.7.221.7",
"versionStartIncluding": "4.7.221",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.mediation_org.wso2.carbon.mediation.library:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.7.245.7",
"versionStartIncluding": "4.7.245",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.mediation_org.wso2.carbon.mediation.library:*:*:*:*:*:*:*:*",
"versionEndIncluding": "*",
"versionStartIncluding": "4.7.262",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.deployment_org.wso2.carbon.module.mgt:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.9.15.2",
"versionStartIncluding": "4.9.15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.deployment_org.wso2.carbon.module.mgt:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.10.1.1",
"versionStartIncluding": "4.10.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.deployment_org.wso2.carbon.module.mgt:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.10.9.2",
"versionStartIncluding": "4.10.9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.deployment_org.wso2.carbon.module.mgt:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.11.1.3",
"versionStartIncluding": "4.11.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.deployment_org.wso2.carbon.module.mgt:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.11.3.3",
"versionStartIncluding": "4.11.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.deployment_org.wso2.carbon.module.mgt:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.11.7.5",
"versionStartIncluding": "4.11.7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.deployment_org.wso2.carbon.module.mgt:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.11.14.2",
"versionStartIncluding": "4.11.14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.deployment_org.wso2.carbon.module.mgt:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.11.17.3",
"versionStartIncluding": "4.11.17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.deployment_org.wso2.carbon.module.mgt:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.11.18.1",
"versionStartIncluding": "4.11.18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.deployment_org.wso2.carbon.module.mgt:*:*:*:*:*:*:*:*",
"versionEndIncluding": "*",
"versionStartIncluding": "4.11.24",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.deployment_org.wso2.carbon.webapp.mgt:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.10.1.1",
"versionStartIncluding": "4.10.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.deployment_org.wso2.carbon.webapp.mgt:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.10.9.2",
"versionStartIncluding": "4.10.9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.deployment_org.wso2.carbon.webapp.mgt:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.11.1.3",
"versionStartIncluding": "4.11.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.deployment_org.wso2.carbon.webapp.mgt:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.11.3.3",
"versionStartIncluding": "4.11.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.deployment_org.wso2.carbon.webapp.mgt:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.11.7.5",
"versionStartIncluding": "4.11.7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.deployment_org.wso2.carbon.webapp.mgt:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.11.14.2",
"versionStartIncluding": "4.11.14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.deployment_org.wso2.carbon.webapp.mgt:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.11.17.3",
"versionStartIncluding": "4.11.17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.deployment_org.wso2.carbon.webapp.mgt:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.11.18.1",
"versionStartIncluding": "4.11.18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.deployment_org.wso2.carbon.webapp.mgt:*:*:*:*:*:*:*:*",
"versionEndIncluding": "*",
"versionStartIncluding": "4.11.24",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:org.apache.ws.commons.axiom.wso2_axiom:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.2.11.wso2v17_5",
"versionStartIncluding": "1.2.11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.apache.ws.commons.axiom.wso2_axiom:*:*:*:*:*:*:*:*",
"versionEndIncluding": "*",
"versionStartIncluding": "1.2.11-wso2v21",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.base:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.5.3.46",
"versionStartIncluding": "4.5.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.base:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.6.0.2005",
"versionStartIncluding": "4.6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.base:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.6.1.153",
"versionStartIncluding": "4.6.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.base:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.6.2.668",
"versionStartIncluding": "4.6.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.base:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.6.3.37",
"versionStartIncluding": "4.6.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.base:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.6.4.15",
"versionStartIncluding": "4.6.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.base:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.7.1.72",
"versionStartIncluding": "4.7.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.base:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.8.1.40",
"versionStartIncluding": "4.8.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.base:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.9.0.103",
"versionStartIncluding": "4.9.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.base:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.9.26.26",
"versionStartIncluding": "4.9.26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.base:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.9.27.11",
"versionStartIncluding": "4.9.27",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.base:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.9.28.12",
"versionStartIncluding": "4.9.28",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.base:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.10.9.71",
"versionStartIncluding": "4.10.9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.base:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.10.42.14",
"versionStartIncluding": "4.10.42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.base:*:*:*:*:*:*:*:*",
"versionEndIncluding": "4.9.*",
"versionStartIncluding": "4.9.30",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.base:*:*:*:*:*:*:*:*",
"versionEndIncluding": "*",
"versionStartIncluding": "4.10.95",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.utils:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.5.3.46",
"versionStartIncluding": "4.5.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.utils:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.6.0.2005",
"versionStartIncluding": "4.6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.utils:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.6.1.153",
"versionStartIncluding": "4.6.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.utils:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.6.2.668",
"versionStartIncluding": "4.6.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.utils:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.6.3.37",
"versionStartIncluding": "4.6.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.utils:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.6.4.15",
"versionStartIncluding": "4.6.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.utils:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.7.1.72",
"versionStartIncluding": "4.7.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.utils:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.8.1.40",
"versionStartIncluding": "4.8.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.utils:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.9.0.103",
"versionStartIncluding": "4.9.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.utils:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.9.26.26",
"versionStartIncluding": "4.9.26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.utils:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.9.27.11",
"versionStartIncluding": "4.9.27",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.utils:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.9.28.12",
"versionStartIncluding": "4.9.28",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.utils:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.10.9.71",
"versionStartIncluding": "4.10.9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.utils:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.10.42.14",
"versionStartIncluding": "4.10.42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.utils:*:*:*:*:*:*:*:*",
"versionEndIncluding": "4.9.*",
"versionStartIncluding": "4.9.30",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.utils:*:*:*:*:*:*:*:*",
"versionEndIncluding": "*",
"versionStartIncluding": "4.10.95",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "crnkovi\u0107"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An arbitrary file upload vulnerability exists in multiple WSO2 products due to insufficient validation of uploaded content and destination in SOAP admin services. A malicious actor with administrative privileges can upload a specially crafted file to a user-controlled location within the deployment.\u003cbr\u003e\u003cbr\u003eSuccessful exploitation may lead to remote code execution (RCE) on the server, depending on how the uploaded file is processed. By default, this vulnerability is only exploitable by users with administrative access to the affected SOAP services.\u003cbr\u003e"
}
],
"value": "An arbitrary file upload vulnerability exists in multiple WSO2 products due to insufficient validation of uploaded content and destination in SOAP admin services. A malicious actor with administrative privileges can upload a specially crafted file to a user-controlled location within the deployment.\n\nSuccessful exploitation may lead to remote code execution (RCE) on the server, depending on how the uploaded file is processed. By default, this vulnerability is only exploitable by users with administrative access to the affected SOAP services."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-434",
"description": "CWE-434 Unrestricted Upload of File with Dangerous Type",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-05T18:03:49.831Z",
"orgId": "ed10eef1-636d-4fbe-9993-6890dfa878f8",
"shortName": "WSO2"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-4603/"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: transparent;\"\u003eFollow the instructions given on \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-4603/#solution\"\u003e\u003cspan style=\"background-color: transparent;\"\u003ehttps://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-4603/#solution\u003c/span\u003e\u003c/a\u003e \u003cbr\u003e"
}
],
"value": "Follow the instructions given on https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-4603/#solution"
}
],
"source": {
"advisory": "WSO2-2025-4603",
"discovery": "EXTERNAL"
},
"title": "Authenticated Arbitrary File Upload in Multiple WSO2 Products via SOAP Admin Services Leading to Remote Code Execution",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "ed10eef1-636d-4fbe-9993-6890dfa878f8",
"assignerShortName": "WSO2",
"cveId": "CVE-2025-10907",
"datePublished": "2025-11-05T18:03:49.831Z",
"dateReserved": "2025-09-24T09:25:09.461Z",
"dateUpdated": "2025-11-05T18:49:44.604Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-3125 (GCVE-0-2025-3125)
Vulnerability from cvelistv5 – Published: 2025-11-05 14:49 – Updated: 2025-11-05 18:59
VLAI?
Summary
An arbitrary file upload vulnerability exists in multiple WSO2 products due to improper input validation in the CarbonAppUploader admin service endpoint. An authenticated attacker with appropriate privileges can upload a malicious file to a user-controlled location on the server, potentially leading to remote code execution (RCE).
This functionality is restricted by default to admin users; therefore, successful exploitation requires valid credentials with administrative permissions.
Severity ?
6.7 (Medium)
CWE
- CWE-434 - Unrestricted Upload of File with Dangerous Type
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| WSO2 | WSO2 Identity Server |
Unknown:
0 , < 5.10.0
(custom)
Affected: 5.10.0 , < 5.10.0.360 (custom) Affected: 5.11.0 , < 5.11.0.399 (custom) Affected: 6.0.0 , < 6.0.0.235 (custom) Affected: 6.1.0 , < 6.1.0.230 (custom) Affected: 7.0.0 , < 7.0.0.101 (custom) Affected: 7.1.0 , < 7.1.0.32 (custom) |
||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||
Credits
Danh Nguyen (k4it0) from VIB Pentest Team
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-3125",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-05T18:58:52.925152Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-11-05T18:59:01.426Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "WSO2 Identity Server",
"vendor": "WSO2",
"versions": [
{
"lessThan": "5.10.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "5.10.0.360",
"status": "affected",
"version": "5.10.0",
"versionType": "custom"
},
{
"lessThan": "5.11.0.399",
"status": "affected",
"version": "5.11.0",
"versionType": "custom"
},
{
"lessThan": "6.0.0.235",
"status": "affected",
"version": "6.0.0",
"versionType": "custom"
},
{
"lessThan": "6.1.0.230",
"status": "affected",
"version": "6.1.0",
"versionType": "custom"
},
{
"lessThan": "7.0.0.101",
"status": "affected",
"version": "7.0.0",
"versionType": "custom"
},
{
"lessThan": "7.1.0.32",
"status": "affected",
"version": "7.1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Enterprise Integrator",
"vendor": "WSO2",
"versions": [
{
"lessThan": "6.6.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "6.6.0.217",
"status": "affected",
"version": "6.6.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Open Banking IAM",
"vendor": "WSO2",
"versions": [
{
"lessThan": "2.0.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "2.0.0.402",
"status": "affected",
"version": "2.0.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Identity Server as Key Manager",
"vendor": "WSO2",
"versions": [
{
"lessThan": "5.10.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "5.10.0.353",
"status": "affected",
"version": "5.10.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 API Manager",
"vendor": "WSO2",
"versions": [
{
"lessThan": "3.2.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "3.2.0.421",
"status": "affected",
"version": "3.2.0",
"versionType": "custom"
},
{
"lessThan": "3.2.1.41",
"status": "affected",
"version": "3.2.1",
"versionType": "custom"
},
{
"lessThan": "4.0.0.342",
"status": "affected",
"version": "4.0.0",
"versionType": "custom"
},
{
"lessThan": "4.1.0.203",
"status": "affected",
"version": "4.1.0",
"versionType": "custom"
},
{
"lessThan": "4.2.0.142",
"status": "affected",
"version": "4.2.0",
"versionType": "custom"
},
{
"lessThan": "4.3.0.55",
"status": "affected",
"version": "4.3.0",
"versionType": "custom"
},
{
"lessThan": "4.4.0.19",
"status": "affected",
"version": "4.4.0",
"versionType": "custom"
},
{
"lessThan": "4.5.0.2",
"status": "affected",
"version": "4.5.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 API Control Plane",
"vendor": "WSO2",
"versions": [
{
"lessThan": "4.5.0.2",
"status": "affected",
"version": "4.5.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Universal Gateway",
"vendor": "WSO2",
"versions": [
{
"lessThan": "4.5.0.2",
"status": "affected",
"version": "4.5.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Traffic Manager",
"vendor": "WSO2",
"versions": [
{
"lessThan": "4.5.0.2",
"status": "affected",
"version": "4.5.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"packageName": "org.wso2.carbon.commons:org.wso2.carbon.application.upload",
"product": "org.wso2.carbon.commons:org.wso2.carbon.application.upload",
"vendor": "WSO2",
"versions": [
{
"lessThan": "4.7.19.7",
"status": "affected",
"version": "4.7.19",
"versionType": "custom"
},
{
"lessThan": "4.7.32.5",
"status": "affected",
"version": "4.7.32",
"versionType": "custom"
},
{
"lessThan": "4.7.35.8",
"status": "affected",
"version": "4.7.35",
"versionType": "custom"
},
{
"lessThan": "4.7.39.1",
"status": "affected",
"version": "4.7.39",
"versionType": "custom"
},
{
"lessThan": "4.7.49.4",
"status": "affected",
"version": "4.7.49",
"versionType": "custom"
},
{
"lessThan": "4.7.52.1",
"status": "affected",
"version": "4.7.52",
"versionType": "custom"
},
{
"lessThan": "4.10.13.1",
"status": "affected",
"version": "4.10.13",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.9.*",
"status": "unaffected",
"version": "4.9.12",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "4.10.24",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:wso2_identity_server:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.10.0.360",
"versionStartIncluding": "5.10.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_identity_server:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.11.0.399",
"versionStartIncluding": "5.11.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_identity_server:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.0.0.235",
"versionStartIncluding": "6.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_identity_server:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.1.0.230",
"versionStartIncluding": "6.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_identity_server:*:*:*:*:*:*:*:*",
"versionEndExcluding": "7.0.0.101",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_identity_server:*:*:*:*:*:*:*:*",
"versionEndExcluding": "7.1.0.32",
"versionStartIncluding": "7.1.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:wso2_enterprise_integrator:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.6.0.217",
"versionStartIncluding": "6.6.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:wso2_open_banking_iam:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.0.0.402",
"versionStartIncluding": "2.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:wso2_identity_server_as_key_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.10.0.353",
"versionStartIncluding": "5.10.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.2.0.421",
"versionStartIncluding": "3.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.2.1.41",
"versionStartIncluding": "3.2.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.0.0.342",
"versionStartIncluding": "4.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.1.0.203",
"versionStartIncluding": "4.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.2.0.142",
"versionStartIncluding": "4.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.3.0.55",
"versionStartIncluding": "4.3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.4.0.19",
"versionStartIncluding": "4.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.5.0.2",
"versionStartIncluding": "4.5.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:wso2_api_control_plane:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.5.0.2",
"versionStartIncluding": "4.5.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:wso2_universal_gateway:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.5.0.2",
"versionStartIncluding": "4.5.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:wso2_traffic_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.5.0.2",
"versionStartIncluding": "4.5.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.commons_org.wso2.carbon.application.upload:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.7.19.7",
"versionStartIncluding": "4.7.19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.commons_org.wso2.carbon.application.upload:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.7.32.5",
"versionStartIncluding": "4.7.32",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.commons_org.wso2.carbon.application.upload:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.7.35.8",
"versionStartIncluding": "4.7.35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.commons_org.wso2.carbon.application.upload:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.7.39.1",
"versionStartIncluding": "4.7.39",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.commons_org.wso2.carbon.application.upload:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.7.49.4",
"versionStartIncluding": "4.7.49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.commons_org.wso2.carbon.application.upload:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.7.52.1",
"versionStartIncluding": "4.7.52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.commons_org.wso2.carbon.application.upload:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.10.13.1",
"versionStartIncluding": "4.10.13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.commons_org.wso2.carbon.application.upload:*:*:*:*:*:*:*:*",
"versionEndIncluding": "4.9.*",
"versionStartIncluding": "4.9.12",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.commons_org.wso2.carbon.application.upload:*:*:*:*:*:*:*:*",
"versionEndIncluding": "*",
"versionStartIncluding": "4.10.24",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Danh Nguyen (k4it0) from VIB Pentest Team"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An arbitrary file upload vulnerability exists in multiple WSO2 products due to improper input validation in the CarbonAppUploader admin service endpoint. An authenticated attacker with appropriate privileges can upload a malicious file to a user-controlled location on the server, potentially leading to remote code execution (RCE).\u003cbr\u003e\u003cbr\u003eThis functionality is restricted by default to admin users; therefore, successful exploitation requires valid credentials with administrative permissions.\u003cbr\u003e"
}
],
"value": "An arbitrary file upload vulnerability exists in multiple WSO2 products due to improper input validation in the CarbonAppUploader admin service endpoint. An authenticated attacker with appropriate privileges can upload a malicious file to a user-controlled location on the server, potentially leading to remote code execution (RCE).\n\nThis functionality is restricted by default to admin users; therefore, successful exploitation requires valid credentials with administrative permissions."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-434",
"description": "CWE-434 Unrestricted Upload of File with Dangerous Type",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-05T14:50:04.961Z",
"orgId": "ed10eef1-636d-4fbe-9993-6890dfa878f8",
"shortName": "WSO2"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-3961/"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: transparent;\"\u003eFollow the instructions given on \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-3961/#solution\"\u003e\u003cspan style=\"background-color: transparent;\"\u003ehttps://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-3961/#solution\u003c/span\u003e\u003c/a\u003e \u003cbr\u003e"
}
],
"value": "Follow the instructions given on https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-3961/#solution https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-3961/#solution"
}
],
"source": {
"advisory": "WSO2-2025-3961",
"discovery": "EXTERNAL"
},
"title": "Authenticated Arbitrary File Upload in Multiple WSO2 Products via CarbonAppUploader Admin Service Leading to Remote Code Execution",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "ed10eef1-636d-4fbe-9993-6890dfa878f8",
"assignerShortName": "WSO2",
"cveId": "CVE-2025-3125",
"datePublished": "2025-11-05T14:49:44.597Z",
"dateReserved": "2025-04-02T15:12:12.137Z",
"dateUpdated": "2025-11-05T18:59:01.426Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-5605 (GCVE-0-2025-5605)
Vulnerability from cvelistv5 – Published: 2025-10-24 10:09 – Updated: 2025-10-24 11:44
VLAI?
Summary
An authentication bypass vulnerability exists in the Management Console of multiple WSO2 products. A malicious actor with access to the console can manipulate the request URI to bypass authentication and access certain restricted resources, resulting in partial information disclosure.
The known exposure from this issue is limited to memory statistics. While the vulnerability does not allow full account compromise, it still enables unauthorized access to internal system details.
Severity ?
4.3 (Medium)
CWE
- CWE-290 - Authentication Bypass by Spoofing
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| WSO2 | WSO2 Identity Server |
Unknown:
0 , < 5.10.0
(custom)
Affected: 5.10.0 , < 5.10.0.361 (custom) Affected: 5.11.0 , < 5.11.0.414 (custom) Affected: 6.0.0 , < 6.0.0.245 (custom) Affected: 6.1.0 , < 6.1.0.244 (custom) Affected: 7.0.0 , < 7.0.0.119 (custom) Affected: 7.1.0 , < 7.1.0.25 (custom) |
|||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||
Credits
Noël Maccary
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-5605",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-24T11:44:00.454638Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-290",
"description": "CWE-290 Authentication Bypass by Spoofing",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-24T11:44:58.987Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "WSO2 Identity Server",
"vendor": "WSO2",
"versions": [
{
"lessThan": "5.10.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "5.10.0.361",
"status": "affected",
"version": "5.10.0",
"versionType": "custom"
},
{
"lessThan": "5.11.0.414",
"status": "affected",
"version": "5.11.0",
"versionType": "custom"
},
{
"lessThan": "6.0.0.245",
"status": "affected",
"version": "6.0.0",
"versionType": "custom"
},
{
"lessThan": "6.1.0.244",
"status": "affected",
"version": "6.1.0",
"versionType": "custom"
},
{
"lessThan": "7.0.0.119",
"status": "affected",
"version": "7.0.0",
"versionType": "custom"
},
{
"lessThan": "7.1.0.25",
"status": "affected",
"version": "7.1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Enterprise Integrator",
"vendor": "WSO2",
"versions": [
{
"lessThan": "6.6.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "6.6.0.217",
"status": "affected",
"version": "6.6.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Universal Gateway",
"vendor": "WSO2",
"versions": [
{
"lessThan": "4.5.0.10",
"status": "affected",
"version": "4.5.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Traffic Manager",
"vendor": "WSO2",
"versions": [
{
"lessThan": "4.5.0.10",
"status": "affected",
"version": "4.5.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 API Manager",
"vendor": "WSO2",
"versions": [
{
"lessThan": "3.1.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "3.1.0.334",
"status": "affected",
"version": "3.1.0",
"versionType": "custom"
},
{
"lessThan": "3.2.0.430",
"status": "affected",
"version": "3.2.0",
"versionType": "custom"
},
{
"lessThan": "3.2.1.48",
"status": "affected",
"version": "3.2.1",
"versionType": "custom"
},
{
"lessThan": "4.0.0.346",
"status": "affected",
"version": "4.0.0",
"versionType": "custom"
},
{
"lessThan": "4.1.0.210",
"status": "affected",
"version": "4.1.0",
"versionType": "custom"
},
{
"lessThan": "4.2.0.148",
"status": "affected",
"version": "4.2.0",
"versionType": "custom"
},
{
"lessThan": "4.3.0.61",
"status": "affected",
"version": "4.3.0",
"versionType": "custom"
},
{
"lessThan": "4.4.0.24",
"status": "affected",
"version": "4.4.0",
"versionType": "custom"
},
{
"lessThan": "4.5.0.10",
"status": "affected",
"version": "4.5.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 API Control Plane",
"vendor": "WSO2",
"versions": [
{
"lessThan": "4.5.0.11",
"status": "affected",
"version": "4.5.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Identity Server as Key Manager",
"vendor": "WSO2",
"versions": [
{
"lessThan": "5.10.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "5.10.0.354",
"status": "affected",
"version": "5.10.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Open Banking AM",
"vendor": "WSO2",
"versions": [
{
"lessThan": "2.0.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "2.0.0.382",
"status": "affected",
"version": "2.0.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Open Banking IAM",
"vendor": "WSO2",
"versions": [
{
"lessThan": "2.0.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "2.0.0.403",
"status": "affected",
"version": "2.0.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"packageName": "org.wso2.carbon:org.wso2.carbon.ui",
"product": "org.wso2.carbon:org.wso2.carbon.ui",
"vendor": "WSO2",
"versions": [
{
"lessThan": "4.5.3.40",
"status": "affected",
"version": "4.5.3",
"versionType": "custom"
},
{
"lessThan": "4.6.0.1224",
"status": "affected",
"version": "4.6.0",
"versionType": "custom"
},
{
"lessThan": "4.6.1.150",
"status": "affected",
"version": "4.6.1",
"versionType": "custom"
},
{
"lessThan": "4.6.2.664",
"status": "affected",
"version": "4.6.2",
"versionType": "custom"
},
{
"lessThan": "4.6.3.32",
"status": "affected",
"version": "4.6.3",
"versionType": "custom"
},
{
"lessThan": "4.6.4.8",
"status": "affected",
"version": "4.6.4",
"versionType": "custom"
},
{
"lessThan": "4.7.1.69",
"status": "affected",
"version": "4.7.1",
"versionType": "custom"
},
{
"lessThan": "4.8.1.33",
"status": "affected",
"version": "4.8.1",
"versionType": "custom"
},
{
"lessThan": "4.9.0.100",
"status": "affected",
"version": "4.9.0",
"versionType": "custom"
},
{
"lessThan": "4.9.26.20",
"status": "affected",
"version": "4.9.26",
"versionType": "custom"
},
{
"lessThan": "4.9.27.4",
"status": "affected",
"version": "4.9.27",
"versionType": "custom"
},
{
"lessThan": "4.9.28.4",
"status": "affected",
"version": "4.9.28",
"versionType": "custom"
},
{
"lessThan": "4.10.9.68",
"status": "affected",
"version": "4.10.9",
"versionType": "custom"
},
{
"lessThan": "4.10.42.10",
"status": "affected",
"version": "4.10.42",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.9.*",
"status": "unaffected",
"version": "4.9.29",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "4.10.90",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:wso2_identity_server:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.10.0.361",
"versionStartIncluding": "5.10.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_identity_server:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.11.0.414",
"versionStartIncluding": "5.11.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_identity_server:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.0.0.245",
"versionStartIncluding": "6.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_identity_server:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.1.0.244",
"versionStartIncluding": "6.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_identity_server:*:*:*:*:*:*:*:*",
"versionEndExcluding": "7.0.0.119",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_identity_server:*:*:*:*:*:*:*:*",
"versionEndExcluding": "7.1.0.25",
"versionStartIncluding": "7.1.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:wso2_enterprise_integrator:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.6.0.217",
"versionStartIncluding": "6.6.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:wso2_universal_gateway:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.5.0.10",
"versionStartIncluding": "4.5.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:wso2_traffic_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.5.0.10",
"versionStartIncluding": "4.5.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.1.0.334",
"versionStartIncluding": "3.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.2.0.430",
"versionStartIncluding": "3.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.2.1.48",
"versionStartIncluding": "3.2.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.0.0.346",
"versionStartIncluding": "4.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.1.0.210",
"versionStartIncluding": "4.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.2.0.148",
"versionStartIncluding": "4.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.3.0.61",
"versionStartIncluding": "4.3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.4.0.24",
"versionStartIncluding": "4.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.5.0.10",
"versionStartIncluding": "4.5.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:wso2_api_control_plane:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.5.0.11",
"versionStartIncluding": "4.5.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:wso2_identity_server_as_key_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.10.0.354",
"versionStartIncluding": "5.10.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:wso2_open_banking_am:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.0.0.382",
"versionStartIncluding": "2.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:wso2_open_banking_iam:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.0.0.403",
"versionStartIncluding": "2.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.ui:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.5.3.40",
"versionStartIncluding": "4.5.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.ui:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.6.0.1224",
"versionStartIncluding": "4.6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.ui:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.6.1.150",
"versionStartIncluding": "4.6.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.ui:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.6.2.664",
"versionStartIncluding": "4.6.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.ui:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.6.3.32",
"versionStartIncluding": "4.6.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.ui:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.6.4.8",
"versionStartIncluding": "4.6.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.ui:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.7.1.69",
"versionStartIncluding": "4.7.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.ui:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.8.1.33",
"versionStartIncluding": "4.8.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.ui:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.9.0.100",
"versionStartIncluding": "4.9.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.ui:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.9.26.20",
"versionStartIncluding": "4.9.26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.ui:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.9.27.4",
"versionStartIncluding": "4.9.27",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.ui:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.9.28.4",
"versionStartIncluding": "4.9.28",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.ui:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.10.9.68",
"versionStartIncluding": "4.10.9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.ui:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.10.42.10",
"versionStartIncluding": "4.10.42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.ui:*:*:*:*:*:*:*:*",
"versionEndIncluding": "4.9.*",
"versionStartIncluding": "4.9.29",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.ui:*:*:*:*:*:*:*:*",
"versionEndIncluding": "*",
"versionStartIncluding": "4.10.90",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "No\u00ebl Maccary"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An authentication bypass vulnerability exists in the Management Console of multiple WSO2 products. A malicious actor with access to the console can manipulate the request URI to bypass authentication and access certain restricted resources, resulting in partial information disclosure.\u003cbr\u003e\u003cbr\u003eThe known exposure from this issue is limited to memory statistics. While the vulnerability does not allow full account compromise, it still enables unauthorized access to internal system details.\u003cbr\u003e"
}
],
"value": "An authentication bypass vulnerability exists in the Management Console of multiple WSO2 products. A malicious actor with access to the console can manipulate the request URI to bypass authentication and access certain restricted resources, resulting in partial information disclosure.\n\nThe known exposure from this issue is limited to memory statistics. While the vulnerability does not allow full account compromise, it still enables unauthorized access to internal system details."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-24T10:17:47.415Z",
"orgId": "ed10eef1-636d-4fbe-9993-6890dfa878f8",
"shortName": "WSO2"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-4115/"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: transparent;\"\u003eFollow the instructions given on \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-4115/#solution\"\u003e\u003cspan style=\"background-color: transparent;\"\u003ehttps://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-4115/#solution\u003c/span\u003e\u003c/a\u003e \u003cbr\u003e"
}
],
"value": "Follow the instructions given on https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-4115/#solution https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-4115/#solution"
}
],
"source": {
"advisory": "WSO2-2025-4115",
"discovery": "EXTERNAL"
},
"title": "Authentication Bypass via URI Manipulation in Multiple WSO2 Products\u0027 Management Console Leading to Partial Information Disclosure",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "ed10eef1-636d-4fbe-9993-6890dfa878f8",
"assignerShortName": "WSO2",
"cveId": "CVE-2025-5605",
"datePublished": "2025-10-24T10:09:59.591Z",
"dateReserved": "2025-06-04T10:51:11.459Z",
"dateUpdated": "2025-10-24T11:44:58.987Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-5350 (GCVE-0-2025-5350)
Vulnerability from cvelistv5 – Published: 2025-10-24 10:08 – Updated: 2025-10-24 12:16
VLAI?
Summary
SSRF and Reflected XSS Vulnerabilities exist in multiple WSO2 products within the deprecated Try-It feature, which was accessible only to administrative users. This feature accepted user-supplied URLs without proper validation, leading to server-side request forgery (SSRF). Additionally, the retrieved content was directly reflected in the HTTP response, enabling reflected cross-site scripting (XSS) in the admin user's browser context.
By tricking an administrator into accessing a crafted link, an attacker could force the server to fetch malicious content and reflect it into the admin’s browser, leading to arbitrary JavaScript execution for UI manipulation or data exfiltration. While session cookies are protected with the HttpOnly flag, the XSS still poses a significant security risk.
Furthermore, SSRF can be used by a privileged user to query internal services, potentially aiding in internal network enumeration if the target endpoints are reachable from the affected product.
Severity ?
5.9 (Medium)
CWE
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| WSO2 | WSO2 Identity Server |
Unknown:
0 , < 5.10.0
(custom)
Affected: 5.10.0 , < 5.10.0.359 (custom) Affected: 5.11.0 , < 5.11.0.415 (custom) Affected: 6.0.0 , < 6.0.0.246 (custom) Affected: 6.1.0 , < 6.1.0.245 (custom) Affected: 7.0.0 , < 7.0.0.120 (custom) Affected: 7.1.0 , < 7.1.0.27 (custom) |
|||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||
Credits
Noël MACCARY
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-5350",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-24T12:16:39.906160Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-24T12:16:49.892Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "WSO2 Identity Server",
"vendor": "WSO2",
"versions": [
{
"lessThan": "5.10.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "5.10.0.359",
"status": "affected",
"version": "5.10.0",
"versionType": "custom"
},
{
"lessThan": "5.11.0.415",
"status": "affected",
"version": "5.11.0",
"versionType": "custom"
},
{
"lessThan": "6.0.0.246",
"status": "affected",
"version": "6.0.0",
"versionType": "custom"
},
{
"lessThan": "6.1.0.245",
"status": "affected",
"version": "6.1.0",
"versionType": "custom"
},
{
"lessThan": "7.0.0.120",
"status": "affected",
"version": "7.0.0",
"versionType": "custom"
},
{
"lessThan": "7.1.0.27",
"status": "affected",
"version": "7.1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Enterprise Integrator",
"vendor": "WSO2",
"versions": [
{
"lessThan": "6.6.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "6.6.0.218",
"status": "affected",
"version": "6.6.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 API Manager",
"vendor": "WSO2",
"versions": [
{
"lessThan": "3.1.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "3.1.0.332",
"status": "affected",
"version": "3.1.0",
"versionType": "custom"
},
{
"lessThan": "3.2.0.428",
"status": "affected",
"version": "3.2.0",
"versionType": "custom"
},
{
"lessThan": "3.2.1.47",
"status": "affected",
"version": "3.2.1",
"versionType": "custom"
},
{
"lessThan": "4.0.0.369",
"status": "affected",
"version": "4.0.0",
"versionType": "custom"
},
{
"lessThan": "4.1.0.209",
"status": "affected",
"version": "4.1.0",
"versionType": "custom"
},
{
"lessThan": "4.2.0.147",
"status": "affected",
"version": "4.2.0",
"versionType": "custom"
},
{
"lessThan": "4.3.0.60",
"status": "affected",
"version": "4.3.0",
"versionType": "custom"
},
{
"lessThan": "4.4.0.23",
"status": "affected",
"version": "4.4.0",
"versionType": "custom"
},
{
"lessThan": "4.5.0.7",
"status": "affected",
"version": "4.5.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Universal Gateway",
"vendor": "WSO2",
"versions": [
{
"lessThan": "4.5.0.7",
"status": "affected",
"version": "4.5.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Traffic Manager",
"vendor": "WSO2",
"versions": [
{
"lessThan": "4.5.0.7",
"status": "affected",
"version": "4.5.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 API Control Plane",
"vendor": "WSO2",
"versions": [
{
"lessThan": "4.5.0.7",
"status": "affected",
"version": "4.5.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Open Banking AM",
"vendor": "WSO2",
"versions": [
{
"lessThan": "2.0.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "2.0.0.380",
"status": "affected",
"version": "2.0.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Open Banking IAM",
"vendor": "WSO2",
"versions": [
{
"lessThan": "2.0.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "2.0.0.401",
"status": "affected",
"version": "2.0.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Identity Server as Key Manager",
"vendor": "WSO2",
"versions": [
{
"lessThan": "5.10.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "5.10.0.352",
"status": "affected",
"version": "5.10.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"packageName": "org.wso2.carbon:org.wso2.carbon.ui",
"product": "org.wso2.carbon:org.wso2.carbon.ui",
"vendor": "WSO2",
"versions": [
{
"lessThan": "4.5.3.41",
"status": "affected",
"version": "4.5.3",
"versionType": "custom"
},
{
"lessThan": "4.6.0.1087",
"status": "affected",
"version": "4.6.0",
"versionType": "custom"
},
{
"lessThan": "4.6.1.151",
"status": "affected",
"version": "4.6.1",
"versionType": "custom"
},
{
"lessThan": "4.6.2.672",
"status": "affected",
"version": "4.6.2",
"versionType": "custom"
},
{
"lessThan": "4.6.3.30",
"status": "affected",
"version": "4.6.3",
"versionType": "custom"
},
{
"lessThan": "4.6.4.7",
"status": "affected",
"version": "4.6.4",
"versionType": "custom"
},
{
"lessThan": "4.7.1.70",
"status": "affected",
"version": "4.7.1",
"versionType": "custom"
},
{
"lessThan": "4.8.1.32",
"status": "affected",
"version": "4.8.1",
"versionType": "custom"
},
{
"lessThan": "4.9.0.101",
"status": "affected",
"version": "4.9.0",
"versionType": "custom"
},
{
"lessThan": "4.9.26.19",
"status": "affected",
"version": "4.9.26",
"versionType": "custom"
},
{
"lessThan": "4.9.27.3",
"status": "affected",
"version": "4.9.27",
"versionType": "custom"
},
{
"lessThan": "4.9.28.1",
"status": "affected",
"version": "4.9.28",
"versionType": "custom"
},
{
"lessThan": "4.10.9.69",
"status": "affected",
"version": "4.10.9",
"versionType": "custom"
},
{
"lessThan": "4.10.42.11",
"status": "affected",
"version": "4.10.42",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.9.*",
"status": "unaffected",
"version": "4.9.29",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "4.10.93",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "No\u00ebl MACCARY"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "SSRF and Reflected XSS Vulnerabilities exist in multiple WSO2 products within the deprecated Try-It feature, which was accessible only to administrative users. This feature accepted user-supplied URLs without proper validation, leading to server-side request forgery (SSRF). Additionally, the retrieved content was directly reflected in the HTTP response, enabling reflected cross-site scripting (XSS) in the admin user\u0027s browser context.\u003cbr\u003e\u003cbr\u003eBy tricking an administrator into accessing a crafted link, an attacker could force the server to fetch malicious content and reflect it into the admin\u2019s browser, leading to arbitrary JavaScript execution for UI manipulation or data exfiltration. While session cookies are protected with the HttpOnly flag, the XSS still poses a significant security risk.\u003cbr\u003e\u003cbr\u003eFurthermore, SSRF can be used by a privileged user to query internal services, potentially aiding in internal network enumeration if the target endpoints are reachable from the affected product.\u003cbr\u003e"
}
],
"value": "SSRF and Reflected XSS Vulnerabilities exist in multiple WSO2 products within the deprecated Try-It feature, which was accessible only to administrative users. This feature accepted user-supplied URLs without proper validation, leading to server-side request forgery (SSRF). Additionally, the retrieved content was directly reflected in the HTTP response, enabling reflected cross-site scripting (XSS) in the admin user\u0027s browser context.\n\nBy tricking an administrator into accessing a crafted link, an attacker could force the server to fetch malicious content and reflect it into the admin\u2019s browser, leading to arbitrary JavaScript execution for UI manipulation or data exfiltration. While session cookies are protected with the HttpOnly flag, the XSS still poses a significant security risk.\n\nFurthermore, SSRF can be used by a privileged user to query internal services, potentially aiding in internal network enumeration if the target endpoints are reachable from the affected product."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-918",
"description": "CWE-918 Server-Side Request Forgery (SSRF)",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or \u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-24T10:15:53.793Z",
"orgId": "ed10eef1-636d-4fbe-9993-6890dfa878f8",
"shortName": "WSO2"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-4124/"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: transparent;\"\u003eFollow the instructions given on \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-4124/#solution\"\u003e\u003cspan style=\"background-color: transparent;\"\u003ehttps://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-4124/#solution\u003c/span\u003e\u003c/a\u003e \u003cbr\u003e"
}
],
"value": "Follow the instructions given on https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-4124/#solution https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-4124/#solution"
}
],
"source": {
"advisory": "WSO2-2025-4124",
"discovery": "EXTERNAL"
},
"title": "SSRF and Reflected XSS Vulnerability in Deprecated Try-It Feature of Multiple WSO2 Products",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "ed10eef1-636d-4fbe-9993-6890dfa878f8",
"assignerShortName": "WSO2",
"cveId": "CVE-2025-5350",
"datePublished": "2025-10-24T10:08:07.719Z",
"dateReserved": "2025-05-30T06:56:02.711Z",
"dateUpdated": "2025-10-24T12:16:49.892Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-9804 (GCVE-0-2025-9804)
Vulnerability from cvelistv5 – Published: 2025-10-16 12:33 – Updated: 2025-10-17 16:01
VLAI?
Summary
An improper access control vulnerability exists in multiple WSO2 products due to insufficient permission enforcement in certain internal SOAP Admin Services and System REST APIs. A low-privileged user may exploit this flaw to perform unauthorized operations, including accessing server-level information.
This vulnerability affects only internal administrative interfaces. APIs exposed through the WSO2 API Manager's API Gateway remain unaffected.
Severity ?
9.6 (Critical)
8.9 (High)
CWE
- CWE-284 - Improper Access Control
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| WSO2 | WSO2 Identity Server as Key Manager |
Unknown:
0 , < 5.3.0
(custom)
Affected: 5.3.0 , < 5.3.0.41 (custom) Affected: 5.5.0 , < 5.5.0.53 (custom) Affected: 5.6.0 , < 5.6.0.75 (custom) Affected: 5.7.0 , < 5.7.0.125 (custom) Affected: 5.9.0 , < 5.9.0.176 (custom) Affected: 5.10.0 , < 5.10.0.359 (custom) |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Credits
crnković
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-9804",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-16T13:20:20.582589Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "CWE-284 Improper Access Control",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-17T16:01:25.350Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "WSO2 Identity Server as Key Manager",
"vendor": "WSO2",
"versions": [
{
"lessThan": "5.3.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "5.3.0.41",
"status": "affected",
"version": "5.3.0",
"versionType": "custom"
},
{
"lessThan": "5.5.0.53",
"status": "affected",
"version": "5.5.0",
"versionType": "custom"
},
{
"lessThan": "5.6.0.75",
"status": "affected",
"version": "5.6.0",
"versionType": "custom"
},
{
"lessThan": "5.7.0.125",
"status": "affected",
"version": "5.7.0",
"versionType": "custom"
},
{
"lessThan": "5.9.0.176",
"status": "affected",
"version": "5.9.0",
"versionType": "custom"
},
{
"lessThan": "5.10.0.359",
"status": "affected",
"version": "5.10.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Identity Server",
"vendor": "WSO2",
"versions": [
{
"lessThan": "5.2.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "5.2.0.34",
"status": "affected",
"version": "5.2.0",
"versionType": "custom"
},
{
"lessThan": "5.3.0.36",
"status": "affected",
"version": "5.3.0",
"versionType": "custom"
},
{
"lessThan": "5.4.0.34",
"status": "affected",
"version": "5.4.0",
"versionType": "custom"
},
{
"lessThan": "5.4.1.38",
"status": "affected",
"version": "5.4.1",
"versionType": "custom"
},
{
"lessThan": "5.5.0.52",
"status": "affected",
"version": "5.5.0",
"versionType": "custom"
},
{
"lessThan": "5.6.0.60",
"status": "affected",
"version": "5.6.0",
"versionType": "custom"
},
{
"lessThan": "5.7.0.126",
"status": "affected",
"version": "5.7.0",
"versionType": "custom"
},
{
"lessThan": "5.8.0.110",
"status": "affected",
"version": "5.8.0",
"versionType": "custom"
},
{
"lessThan": "5.9.0.169",
"status": "affected",
"version": "5.9.0",
"versionType": "custom"
},
{
"lessThan": "5.10.0.369",
"status": "affected",
"version": "5.10.0",
"versionType": "custom"
},
{
"lessThan": "5.11.0.413",
"status": "affected",
"version": "5.11.0",
"versionType": "custom"
},
{
"lessThan": "6.0.0.244",
"status": "affected",
"version": "6.0.0",
"versionType": "custom"
},
{
"lessThan": "6.1.0.243",
"status": "affected",
"version": "6.1.0",
"versionType": "custom"
},
{
"lessThan": "7.0.0.118",
"status": "affected",
"version": "7.0.0",
"versionType": "custom"
},
{
"lessThan": "7.1.0.25",
"status": "affected",
"version": "7.1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Open Banking KM",
"vendor": "WSO2",
"versions": [
{
"lessThan": "1.4.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "1.4.0.133",
"status": "affected",
"version": "1.4.0",
"versionType": "custom"
},
{
"lessThan": "1.5.0.123",
"status": "affected",
"version": "1.5.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Open Banking IAM",
"vendor": "WSO2",
"versions": [
{
"lessThan": "2.0.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "2.0.0.409",
"status": "affected",
"version": "2.0.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Open Banking AM",
"vendor": "WSO2",
"versions": [
{
"lessThan": "1.4.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "1.4.0.139",
"status": "affected",
"version": "1.4.0",
"versionType": "custom"
},
{
"lessThan": "1.5.0.140",
"status": "affected",
"version": "1.5.0",
"versionType": "custom"
},
{
"lessThan": "2.0.0.389",
"status": "affected",
"version": "2.0.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 API Manager",
"vendor": "WSO2",
"versions": [
{
"lessThan": "2.0.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "2.0.0.31",
"status": "affected",
"version": "2.0.0",
"versionType": "custom"
},
{
"lessThan": "2.1.0.40",
"status": "affected",
"version": "2.1.0",
"versionType": "custom"
},
{
"lessThan": "2.2.0.59",
"status": "affected",
"version": "2.2.0",
"versionType": "custom"
},
{
"lessThan": "2.5.0.85",
"status": "affected",
"version": "2.5.0",
"versionType": "custom"
},
{
"lessThan": "2.6.0.146",
"status": "affected",
"version": "2.6.0",
"versionType": "custom"
},
{
"lessThan": "3.0.0.176",
"status": "affected",
"version": "3.0.0",
"versionType": "custom"
},
{
"lessThan": "3.1.0.340",
"status": "affected",
"version": "3.1.0",
"versionType": "custom"
},
{
"lessThan": "3.2.0.441",
"status": "affected",
"version": "3.2.0",
"versionType": "custom"
},
{
"lessThan": "3.2.1.61",
"status": "affected",
"version": "3.2.1",
"versionType": "custom"
},
{
"lessThan": "4.0.0.361",
"status": "affected",
"version": "4.0.0",
"versionType": "custom"
},
{
"lessThan": "4.1.0.224",
"status": "affected",
"version": "4.1.0",
"versionType": "custom"
},
{
"lessThan": "4.2.0.162",
"status": "affected",
"version": "4.2.0",
"versionType": "custom"
},
{
"lessThan": "4.3.0.75",
"status": "affected",
"version": "4.3.0",
"versionType": "custom"
},
{
"lessThan": "4.4.0.39",
"status": "affected",
"version": "4.4.0",
"versionType": "custom"
},
{
"lessThan": "4.5.0.23",
"status": "affected",
"version": "4.5.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Identity Server Analytics",
"vendor": "WSO2",
"versions": [
{
"lessThan": "5.2.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "5.2.0.19",
"status": "affected",
"version": "5.2.0",
"versionType": "custom"
},
{
"lessThan": "5.3.0.17",
"status": "affected",
"version": "5.3.0",
"versionType": "custom"
},
{
"lessThan": "5.5.0.31",
"status": "affected",
"version": "5.5.0",
"versionType": "custom"
},
{
"lessThan": "5.6.0.38",
"status": "affected",
"version": "5.6.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "API Manager Analytics",
"vendor": "WSO2",
"versions": [
{
"lessThan": "2.0.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "2.0.0.14",
"status": "affected",
"version": "2.0.0",
"versionType": "custom"
},
{
"lessThan": "2.1.0.19",
"status": "affected",
"version": "2.1.0",
"versionType": "custom"
},
{
"lessThan": "2.2.0.30",
"status": "affected",
"version": "2.2.0",
"versionType": "custom"
},
{
"lessThan": "2.5.0.39",
"status": "affected",
"version": "2.5.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Enterprise Integrator",
"vendor": "WSO2",
"versions": [
{
"lessThan": "6.2.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "6.2.0.62",
"status": "affected",
"version": "6.2.0",
"versionType": "custom"
},
{
"lessThan": "6.3.0.70",
"status": "affected",
"version": "6.3.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Enterprise Service Bus Analytics",
"vendor": "WSO2",
"versions": [
{
"lessThan": "5.0.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "5.0.0.13",
"status": "affected",
"version": "5.0.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Data Analytics Server",
"vendor": "WSO2",
"versions": [
{
"lessThan": "3.1.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "3.1.0.20",
"status": "affected",
"version": "3.1.0",
"versionType": "custom"
},
{
"lessThan": "3.2.0.33",
"status": "affected",
"version": "3.2.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Enterprise Mobility Manager",
"vendor": "WSO2",
"versions": [
{
"lessThan": "2.2.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "2.2.0.28",
"status": "affected",
"version": "2.2.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Universal Gateway",
"vendor": "WSO2",
"versions": [
{
"lessThan": "4.5.0.22",
"status": "affected",
"version": "4.5.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 API Control Plane",
"vendor": "WSO2",
"versions": [
{
"lessThan": "4.5.0.24",
"status": "affected",
"version": "4.5.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Traffic Manager",
"vendor": "WSO2",
"versions": [
{
"lessThan": "4.5.0.22",
"status": "affected",
"version": "4.5.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"packageName": "org.wso2.carbon.extension.identity.authenticator.outbound.totp:org.wso2.carbon.extension.identity.authenticator.totp.connector",
"product": "org.wso2.carbon.extension.identity.authenticator.outbound.totp:org.wso2.carbon.extension.identity.authenticator.totp.connector",
"vendor": "WSO2",
"versions": [
{
"lessThan": "2.0.10.1",
"status": "affected",
"version": "2.0.10",
"versionType": "custom"
},
{
"lessThan": "2.0.15.1",
"status": "affected",
"version": "2.0.15",
"versionType": "custom"
},
{
"lessThan": "2.0.21.1",
"status": "affected",
"version": "2.0.21",
"versionType": "custom"
},
{
"lessThan": "2.0.22.1",
"status": "affected",
"version": "2.0.22",
"versionType": "custom"
},
{
"lessThan": "2.1.12.1",
"status": "affected",
"version": "2.1.12",
"versionType": "custom"
},
{
"lessThan": "2.1.1972",
"status": "affected",
"version": "2.1",
"versionType": "custom"
},
{
"lessThan": "2.2.24",
"status": "affected",
"version": "2.2",
"versionType": "custom"
},
{
"lessThan": "2.2.25",
"status": "affected",
"version": "2.2",
"versionType": "custom"
},
{
"lessThan": "3.1.0.74",
"status": "affected",
"version": "3.1.0",
"versionType": "custom"
},
{
"lessThan": "3.3.6.7",
"status": "affected",
"version": "3.3.6",
"versionType": "custom"
},
{
"lessThan": "3.3.26.2",
"status": "affected",
"version": "3.3.26",
"versionType": "custom"
},
{
"lessThan": "3.3.35.1",
"status": "affected",
"version": "3.3.35",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "3.3.41",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"packageName": "org.wso2.carbon.apimgt:org.wso2.carbon.apimgt.rest.api.util",
"product": "org.wso2.carbon.apimgt:org.wso2.carbon.apimgt.rest.api.util",
"vendor": "WSO2",
"versions": [
{
"lessThan": "6.7.206.567",
"status": "affected",
"version": "6.7.206",
"versionType": "custom"
},
{
"lessThan": "6.7.210.63",
"status": "affected",
"version": "6.7.210",
"versionType": "custom"
},
{
"lessThan": "9.0.174.522",
"status": "affected",
"version": "9.0.174",
"versionType": "custom"
},
{
"lessThan": "9.20.74.379",
"status": "affected",
"version": "9.20.74",
"versionType": "custom"
},
{
"lessThan": "9.28.116.360",
"status": "affected",
"version": "9.28.116",
"versionType": "custom"
},
{
"lessThan": "9.29.120.184",
"status": "affected",
"version": "9.29.120",
"versionType": "custom"
},
{
"lessThan": "9.30.67.109",
"status": "affected",
"version": "9.30.67",
"versionType": "custom"
},
{
"lessThan": "9.31.86.71",
"status": "affected",
"version": "9.31.86",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "9.32.133",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"packageName": "org.wso2.carbon:org.wso2.carbon.base",
"product": "org.wso2.carbon:org.wso2.carbon.base",
"vendor": "WSO2",
"versions": [
{
"lessThan": "4.4.7.6",
"status": "affected",
"version": "4.4.7",
"versionType": "custom"
},
{
"lessThan": "4.4.9.11",
"status": "affected",
"version": "4.4.9",
"versionType": "custom"
},
{
"lessThan": "4.4.11.9",
"status": "affected",
"version": "4.4.11",
"versionType": "custom"
},
{
"lessThan": "4.4.26.12",
"status": "affected",
"version": "4.4.26",
"versionType": "custom"
},
{
"lessThan": "4.4.35.44",
"status": "affected",
"version": "4.4.35",
"versionType": "custom"
},
{
"lessThan": "4.5.1.43",
"status": "affected",
"version": "4.5.1",
"versionType": "custom"
},
{
"lessThan": "4.6.0.1990",
"status": "affected",
"version": "4.6.0",
"versionType": "custom"
},
{
"lessThan": "4.6.1.149",
"status": "affected",
"version": "4.6.1",
"versionType": "custom"
},
{
"lessThan": "4.6.2.667",
"status": "affected",
"version": "4.6.2",
"versionType": "custom"
},
{
"lessThan": "4.6.3.36",
"status": "affected",
"version": "4.6.3",
"versionType": "custom"
},
{
"lessThan": "4.6.4.14",
"status": "affected",
"version": "4.6.4",
"versionType": "custom"
},
{
"lessThan": "4.7.1.68",
"status": "affected",
"version": "4.7.1",
"versionType": "custom"
},
{
"lessThan": "4.8.1.39",
"status": "affected",
"version": "4.8.1",
"versionType": "custom"
},
{
"lessThan": "4.9.0.99",
"status": "affected",
"version": "4.9.0",
"versionType": "custom"
},
{
"lessThan": "4.9.26.25",
"status": "affected",
"version": "4.9.26",
"versionType": "custom"
},
{
"lessThan": "4.9.27.10",
"status": "affected",
"version": "4.9.27",
"versionType": "custom"
},
{
"lessThan": "4.9.28.11",
"status": "affected",
"version": "4.9.28",
"versionType": "custom"
},
{
"lessThan": "4.10.9.66",
"status": "affected",
"version": "4.10.9",
"versionType": "custom"
},
{
"lessThan": "4.10.42.9",
"status": "affected",
"version": "4.10.42",
"versionType": "custom"
},
{
"lessThan": "4.9.29",
"status": "affected",
"version": "4.9",
"versionType": "custom"
},
{
"lessThan": "4.10.94",
"status": "affected",
"version": "4.10",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"packageName": "org.wso2.carbon.identity.framework:org.wso2.carbon.identity.application.mgt",
"product": "org.wso2.carbon.identity.framework:org.wso2.carbon.identity.application.mgt",
"vendor": "WSO2",
"versions": [
{
"lessThan": "5.2.0.4",
"status": "affected",
"version": "5.2.0",
"versionType": "custom"
},
{
"lessThan": "5.2.2.21",
"status": "affected",
"version": "5.2.2",
"versionType": "custom"
},
{
"lessThan": "5.7.5.18",
"status": "affected",
"version": "5.7.5",
"versionType": "custom"
},
{
"lessThan": "5.11.148.19",
"status": "affected",
"version": "5.11.148",
"versionType": "custom"
},
{
"lessThan": "5.11.256.21",
"status": "affected",
"version": "5.11.256",
"versionType": "custom"
},
{
"lessThan": "5.12.153.63",
"status": "affected",
"version": "5.12.153",
"versionType": "custom"
},
{
"lessThan": "5.12.387.46",
"status": "affected",
"version": "5.12.387",
"versionType": "custom"
},
{
"lessThan": "5.14.97.89",
"status": "affected",
"version": "5.14.97",
"versionType": "custom"
},
{
"lessThan": "5.17.5.317",
"status": "affected",
"version": "5.17.5",
"versionType": "custom"
},
{
"lessThan": "5.17.118.17",
"status": "affected",
"version": "5.17.118",
"versionType": "custom"
},
{
"lessThan": "5.18.187.309",
"status": "affected",
"version": "5.18.187",
"versionType": "custom"
},
{
"lessThan": "5.18.248.30",
"status": "affected",
"version": "5.18.248",
"versionType": "custom"
},
{
"lessThan": "5.23.8.207",
"status": "affected",
"version": "5.23.8",
"versionType": "custom"
},
{
"lessThan": "5.24.8.23",
"status": "affected",
"version": "5.24.8",
"versionType": "custom"
},
{
"lessThan": "5.25.92.152",
"status": "affected",
"version": "5.25.92",
"versionType": "custom"
},
{
"lessThan": "5.25.705.19",
"status": "affected",
"version": "5.25.705",
"versionType": "custom"
},
{
"lessThan": "5.25.713.9",
"status": "affected",
"version": "5.25.713",
"versionType": "custom"
},
{
"lessThan": "5.25.724.3",
"status": "affected",
"version": "5.25.724",
"versionType": "custom"
},
{
"lessThan": "7.0.78.133",
"status": "affected",
"version": "7.0.78",
"versionType": "custom"
},
{
"lessThan": "7.8.23.47",
"status": "affected",
"version": "7.8.23",
"versionType": "custom"
},
{
"lessThan": "5.25.734",
"status": "affected",
"version": "5.25",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "7.8.489",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"packageName": "org.wso2.carbon:org.wso2.carbon.server.admin",
"product": "org.wso2.carbon:org.wso2.carbon.server.admin",
"vendor": "WSO2",
"versions": [
{
"lessThan": "4.4.7.6",
"status": "affected",
"version": "4.4.7",
"versionType": "custom"
},
{
"lessThan": "4.4.9.11",
"status": "affected",
"version": "4.4.9",
"versionType": "custom"
},
{
"lessThan": "4.4.11.9",
"status": "affected",
"version": "4.4.11",
"versionType": "custom"
},
{
"lessThan": "4.4.26.12",
"status": "affected",
"version": "4.4.26",
"versionType": "custom"
},
{
"lessThan": "4.4.32.16",
"status": "affected",
"version": "4.4.32",
"versionType": "custom"
},
{
"lessThan": "4.4.35.44",
"status": "affected",
"version": "4.4.35",
"versionType": "custom"
},
{
"lessThan": "4.5.1.43",
"status": "affected",
"version": "4.5.1",
"versionType": "custom"
},
{
"lessThan": "4.6.0.1990",
"status": "affected",
"version": "4.6.0",
"versionType": "custom"
},
{
"lessThan": "4.6.1.149",
"status": "affected",
"version": "4.6.1",
"versionType": "custom"
},
{
"lessThan": "4.6.2.667",
"status": "affected",
"version": "4.6.2",
"versionType": "custom"
},
{
"lessThan": "4.6.3.36",
"status": "affected",
"version": "4.6.3",
"versionType": "custom"
},
{
"lessThan": "4.6.4.14",
"status": "affected",
"version": "4.6.4",
"versionType": "custom"
},
{
"lessThan": "4.7.1.68",
"status": "affected",
"version": "4.7.1",
"versionType": "custom"
},
{
"lessThan": "4.8.1.39",
"status": "affected",
"version": "4.8.1",
"versionType": "custom"
},
{
"lessThan": "4.9.0.99",
"status": "affected",
"version": "4.9.0",
"versionType": "custom"
},
{
"lessThan": "4.9.26.25",
"status": "affected",
"version": "4.9.26",
"versionType": "custom"
},
{
"lessThan": "4.9.27.10",
"status": "affected",
"version": "4.9.27",
"versionType": "custom"
},
{
"lessThan": "4.9.28.11",
"status": "affected",
"version": "4.9.28",
"versionType": "custom"
},
{
"lessThan": "4.10.9.66",
"status": "affected",
"version": "4.10.9",
"versionType": "custom"
},
{
"lessThan": "4.10.42.9",
"status": "affected",
"version": "4.10.42",
"versionType": "custom"
},
{
"lessThan": "4.9.29",
"status": "affected",
"version": "4.9",
"versionType": "custom"
},
{
"lessThan": "4.10.94",
"status": "affected",
"version": "4.10",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"packageName": "org.wso2.carbon.identity.workflow.user:org.wso2.carbon.user.mgt.workflow",
"product": "org.wso2.carbon.identity.workflow.user:org.wso2.carbon.user.mgt.workflow",
"vendor": "WSO2",
"versions": [
{
"lessThan": "5.1.1.1",
"status": "affected",
"version": "5.1.1",
"versionType": "custom"
},
{
"lessThan": "5.1.2.1",
"status": "affected",
"version": "5.1.2",
"versionType": "custom"
},
{
"lessThan": "5.1.5.1",
"status": "affected",
"version": "5.1.5",
"versionType": "custom"
},
{
"lessThan": "5.3.3.1",
"status": "affected",
"version": "5.3.3",
"versionType": "custom"
},
{
"lessThan": "5.4.0.4",
"status": "affected",
"version": "5.4.0",
"versionType": "custom"
},
{
"lessThan": "5.4.1.5",
"status": "affected",
"version": "5.4.1",
"versionType": "custom"
},
{
"lessThan": "5.6.0.1",
"status": "affected",
"version": "5.6.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "5.6.21",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "crnkovi\u0107"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An improper access control vulnerability exists in multiple WSO2 products due to insufficient permission enforcement in certain internal SOAP Admin Services and System REST APIs. A low-privileged user may exploit this flaw to perform unauthorized operations, including accessing server-level information.\u003cbr\u003e\u003cbr\u003eThis vulnerability affects only internal administrative interfaces. APIs exposed through the WSO2 API Manager\u0027s API Gateway remain unaffected.\u003cbr\u003e"
}
],
"value": "An improper access control vulnerability exists in multiple WSO2 products due to insufficient permission enforcement in certain internal SOAP Admin Services and System REST APIs. A low-privileged user may exploit this flaw to perform unauthorized operations, including accessing server-level information.\n\nThis vulnerability affects only internal administrative interfaces. APIs exposed through the WSO2 API Manager\u0027s API Gateway remain unaffected."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.6,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "For WSO2 API Manager"
}
]
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "LOW",
"baseScore": 8.9,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "For WSO2 Identity Server"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-16T12:33:45.426Z",
"orgId": "ed10eef1-636d-4fbe-9993-6890dfa878f8",
"shortName": "WSO2"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-4503/"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: transparent;\"\u003eFollow the instructions given on \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-4503/#solution\"\u003e\u003cspan style=\"background-color: transparent;\"\u003ehttps://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-4503/#solution\u003c/span\u003e\u003c/a\u003e \u003cbr\u003e"
}
],
"value": "Follow the instructions given on https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-4503/#solution https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-4503/#solution"
}
],
"source": {
"advisory": "WSO2-2025-4503",
"discovery": "EXTERNAL"
},
"title": "Improper Access Control in Multiple WSO2 Products via Internal SOAP Admin Services and System REST APIs",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "ed10eef1-636d-4fbe-9993-6890dfa878f8",
"assignerShortName": "WSO2",
"cveId": "CVE-2025-9804",
"datePublished": "2025-10-16T12:33:45.426Z",
"dateReserved": "2025-09-01T13:11:12.678Z",
"dateUpdated": "2025-10-17T16:01:25.350Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-10611 (GCVE-0-2025-10611)
Vulnerability from cvelistv5 – Published: 2025-10-16 12:09 – Updated: 2025-10-16 13:34
VLAI?
Summary
Due to an insufficient access control implementation in multiple WSO2 Products, authentication and authorization checks for certain REST APIs can be bypassed, allowing them to be invoked without proper validation.
Successful exploitation of this vulnerability could lead to a malicious actor gaining administrative access and performing unauthenticated and unauthorized administrative operations.
Severity ?
9.8 (Critical)
CWE
- CWE-863 - Incorrect Authorization
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| WSO2 | WSO2 API Manager |
Unknown:
0 , < 2.1.0
(custom)
Affected: 2.1.0 , < 2.1.0.42 (custom) Affected: 2.2.0 , < 2.2.0.61 (custom) Affected: 2.5.0 , < 2.5.0.87 (custom) Affected: 2.6.0 , < 2.6.0.148 (custom) Affected: 3.0.0 , < 3.0.0.178 (custom) Affected: 3.1.0 , < 3.1.0.345 (custom) Affected: 3.2.0 , < 3.2.0.446 (custom) Affected: 3.2.1 , < 3.2.1.66 (custom) Affected: 4.0.0 , < 4.0.0.366 (custom) Affected: 4.1.0 , < 4.1.0.228 (custom) Affected: 4.2.0 , < 4.2.0.169 (custom) Affected: 4.3.0 , < 4.3.0.81 (custom) Affected: 4.4.0 , < 4.4.0.45 (custom) Affected: 4.5.0 , < 4.5.0.28 (custom) |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-10611",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-16T13:24:33.931504Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-863",
"description": "CWE-863 Incorrect Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-16T13:34:31.799Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "WSO2 API Manager",
"vendor": "WSO2",
"versions": [
{
"lessThan": "2.1.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "2.1.0.42",
"status": "affected",
"version": "2.1.0",
"versionType": "custom"
},
{
"lessThan": "2.2.0.61",
"status": "affected",
"version": "2.2.0",
"versionType": "custom"
},
{
"lessThan": "2.5.0.87",
"status": "affected",
"version": "2.5.0",
"versionType": "custom"
},
{
"lessThan": "2.6.0.148",
"status": "affected",
"version": "2.6.0",
"versionType": "custom"
},
{
"lessThan": "3.0.0.178",
"status": "affected",
"version": "3.0.0",
"versionType": "custom"
},
{
"lessThan": "3.1.0.345",
"status": "affected",
"version": "3.1.0",
"versionType": "custom"
},
{
"lessThan": "3.2.0.446",
"status": "affected",
"version": "3.2.0",
"versionType": "custom"
},
{
"lessThan": "3.2.1.66",
"status": "affected",
"version": "3.2.1",
"versionType": "custom"
},
{
"lessThan": "4.0.0.366",
"status": "affected",
"version": "4.0.0",
"versionType": "custom"
},
{
"lessThan": "4.1.0.228",
"status": "affected",
"version": "4.1.0",
"versionType": "custom"
},
{
"lessThan": "4.2.0.169",
"status": "affected",
"version": "4.2.0",
"versionType": "custom"
},
{
"lessThan": "4.3.0.81",
"status": "affected",
"version": "4.3.0",
"versionType": "custom"
},
{
"lessThan": "4.4.0.45",
"status": "affected",
"version": "4.4.0",
"versionType": "custom"
},
{
"lessThan": "4.5.0.28",
"status": "affected",
"version": "4.5.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 API Control Plane",
"vendor": "WSO2",
"versions": [
{
"lessThan": "4.5.0.29",
"status": "affected",
"version": "4.5.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Open Banking AM",
"vendor": "WSO2",
"versions": [
{
"lessThan": "1.4.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "1.4.0.141",
"status": "affected",
"version": "1.4.0",
"versionType": "custom"
},
{
"lessThan": "1.5.0.142",
"status": "affected",
"version": "1.5.0",
"versionType": "custom"
},
{
"lessThan": "2.0.0.394",
"status": "affected",
"version": "2.0.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Open Banking IAM",
"vendor": "WSO2",
"versions": [
{
"lessThan": "2.0.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "2.0.0.414",
"status": "affected",
"version": "2.0.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Identity Server",
"vendor": "WSO2",
"versions": [
{
"lessThan": "5.3.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "5.3.0.39",
"status": "affected",
"version": "5.3.0",
"versionType": "custom"
},
{
"lessThan": "5.5.0.54",
"status": "affected",
"version": "5.5.0",
"versionType": "custom"
},
{
"lessThan": "5.6.0.62",
"status": "affected",
"version": "5.6.0",
"versionType": "custom"
},
{
"lessThan": "5.7.0.128",
"status": "affected",
"version": "5.7.0",
"versionType": "custom"
},
{
"lessThan": "5.8.0.112",
"status": "affected",
"version": "5.8.0",
"versionType": "custom"
},
{
"lessThan": "5.9.0.171",
"status": "affected",
"version": "5.9.0",
"versionType": "custom"
},
{
"lessThan": "5.10.0.375",
"status": "affected",
"version": "5.10.0",
"versionType": "custom"
},
{
"lessThan": "5.11.0.419",
"status": "affected",
"version": "5.11.0",
"versionType": "custom"
},
{
"lessThan": "6.0.0.248",
"status": "affected",
"version": "6.0.0",
"versionType": "custom"
},
{
"lessThan": "6.1.0.248",
"status": "affected",
"version": "6.1.0",
"versionType": "custom"
},
{
"lessThan": "7.0.0.124",
"status": "affected",
"version": "7.0.0",
"versionType": "custom"
},
{
"lessThan": "7.1.0.31",
"status": "affected",
"version": "7.1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Identity Server as Key Manager",
"vendor": "WSO2",
"versions": [
{
"lessThan": "5.3.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "5.3.0.44",
"status": "affected",
"version": "5.3.0",
"versionType": "custom"
},
{
"lessThan": "5.5.0.55",
"status": "affected",
"version": "5.5.0",
"versionType": "custom"
},
{
"lessThan": "5.6.0.77",
"status": "affected",
"version": "5.6.0",
"versionType": "custom"
},
{
"lessThan": "5.7.0.127",
"status": "affected",
"version": "5.7.0",
"versionType": "custom"
},
{
"lessThan": "5.9.0.178",
"status": "affected",
"version": "5.9.0",
"versionType": "custom"
},
{
"lessThan": "5.10.0.365",
"status": "affected",
"version": "5.10.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Open Banking KM",
"vendor": "WSO2",
"versions": [
{
"lessThan": "1.4.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "1.4.0.135",
"status": "affected",
"version": "1.4.0",
"versionType": "custom"
},
{
"lessThan": "1.5.0.125",
"status": "affected",
"version": "1.5.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Universal Gateway",
"vendor": "WSO2",
"versions": [
{
"lessThan": "4.5.0.27",
"status": "affected",
"version": "4.5.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Traffic Manager",
"vendor": "WSO2",
"versions": [
{
"lessThan": "4.5.0.27",
"status": "affected",
"version": "4.5.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"packageName": "org.wso2.carbon.identity.auth.rest:org.wso2.carbon.identity.auth.service",
"product": "org.wso2.carbon.identity.auth.rest:org.wso2.carbon.identity.auth.service",
"vendor": "WSO2",
"versions": [
{
"lessThan": "1.1.1.7",
"status": "affected",
"version": "1.1.1",
"versionType": "custom"
},
{
"lessThan": "1.1.16.6",
"status": "affected",
"version": "1.1.16",
"versionType": "custom"
},
{
"lessThan": "1.1.18.7",
"status": "affected",
"version": "1.1.18",
"versionType": "custom"
},
{
"lessThan": "1.1.20.9",
"status": "affected",
"version": "1.1.20",
"versionType": "custom"
},
{
"lessThan": "1.1.26.11",
"status": "affected",
"version": "1.1.26",
"versionType": "custom"
},
{
"lessThan": "1.3.6.11",
"status": "affected",
"version": "1.3.6",
"versionType": "custom"
},
{
"lessThan": "1.4.0.21",
"status": "affected",
"version": "1.4.0",
"versionType": "custom"
},
{
"lessThan": "1.4.25.27",
"status": "affected",
"version": "1.4.25",
"versionType": "custom"
},
{
"lessThan": "1.4.52.6",
"status": "affected",
"version": "1.4.52",
"versionType": "custom"
},
{
"lessThan": "1.6.1.12",
"status": "affected",
"version": "1.6.1",
"versionType": "custom"
},
{
"lessThan": "1.7.1.7",
"status": "affected",
"version": "1.7.1",
"versionType": "custom"
},
{
"lessThan": "1.8.11.8",
"status": "affected",
"version": "1.8.11",
"versionType": "custom"
},
{
"lessThan": "1.8.41.4",
"status": "affected",
"version": "1.8.41",
"versionType": "custom"
},
{
"lessThan": "1.9.4.9",
"status": "affected",
"version": "1.9.4",
"versionType": "custom"
},
{
"lessThan": "1.9.18.7",
"status": "affected",
"version": "1.9.18",
"versionType": "custom"
},
{
"lessThan": "1.8.48",
"status": "affected",
"version": "1.8",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "1.9.46",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"packageName": "org.wso2.carbon.identity.auth.rest:org.wso2.carbon.identity.auth.valve",
"product": "org.wso2.carbon.identity.auth.rest:org.wso2.carbon.identity.auth.valve",
"vendor": "WSO2",
"versions": [
{
"lessThan": "1.1.1.7",
"status": "affected",
"version": "1.1.1",
"versionType": "custom"
},
{
"lessThan": "1.1.16.6",
"status": "affected",
"version": "1.1.16",
"versionType": "custom"
},
{
"lessThan": "1.1.18.7",
"status": "affected",
"version": "1.1.18",
"versionType": "custom"
},
{
"lessThan": "1.1.20.9",
"status": "affected",
"version": "1.1.20",
"versionType": "custom"
},
{
"lessThan": "1.1.26.11",
"status": "affected",
"version": "1.1.26",
"versionType": "custom"
},
{
"lessThan": "1.3.6.11",
"status": "affected",
"version": "1.3.6",
"versionType": "custom"
},
{
"lessThan": "1.4.0.21",
"status": "affected",
"version": "1.4.0",
"versionType": "custom"
},
{
"lessThan": "1.4.25.27",
"status": "affected",
"version": "1.4.25",
"versionType": "custom"
},
{
"lessThan": "1.4.52.6",
"status": "affected",
"version": "1.4.52",
"versionType": "custom"
},
{
"lessThan": "1.6.1.12",
"status": "affected",
"version": "1.6.1",
"versionType": "custom"
},
{
"lessThan": "1.7.1.7",
"status": "affected",
"version": "1.7.1",
"versionType": "custom"
},
{
"lessThan": "1.8.11.8",
"status": "affected",
"version": "1.8.11",
"versionType": "custom"
},
{
"lessThan": "1.8.41.4",
"status": "affected",
"version": "1.8.41",
"versionType": "custom"
},
{
"lessThan": "1.9.4.9",
"status": "affected",
"version": "1.9.4",
"versionType": "custom"
},
{
"lessThan": "1.9.18.7",
"status": "affected",
"version": "1.9.18",
"versionType": "custom"
},
{
"lessThan": "1.8.48",
"status": "affected",
"version": "1.8",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "1.9.46",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Due to an insufficient access control implementation in multiple WSO2 Products, authentication and authorization checks for certain REST APIs can be bypassed, allowing them to be invoked without proper validation.\u003cbr\u003e\u003cbr\u003eSuccessful exploitation of this vulnerability could lead to a malicious actor gaining administrative access and performing unauthenticated and unauthorized administrative operations.\u003cbr\u003e"
}
],
"value": "Due to an insufficient access control implementation in multiple WSO2 Products, authentication and authorization checks for certain REST APIs can be bypassed, allowing them to be invoked without proper validation.\n\nSuccessful exploitation of this vulnerability could lead to a malicious actor gaining administrative access and performing unauthenticated and unauthorized administrative operations."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-16T12:09:31.802Z",
"orgId": "ed10eef1-636d-4fbe-9993-6890dfa878f8",
"shortName": "WSO2"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-4585/"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: transparent;\"\u003eFollow the instructions given on \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-4585/#solution\"\u003e\u003cspan style=\"background-color: transparent;\"\u003ehttps://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-4585/#solution\u003c/span\u003e\u003c/a\u003e \u003cbr\u003e"
}
],
"value": "Follow the instructions given on https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-4585/#solution https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-4585/#solution"
}
],
"source": {
"advisory": "WSO2-2025-4585",
"discovery": "INTERNAL"
},
"title": "Potential Broken Access Control in Multiple WSO2 Products via System REST APIs",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "ed10eef1-636d-4fbe-9993-6890dfa878f8",
"assignerShortName": "WSO2",
"cveId": "CVE-2025-10611",
"datePublished": "2025-10-16T12:09:31.802Z",
"dateReserved": "2025-09-17T08:56:27.794Z",
"dateUpdated": "2025-10-16T13:34:31.799Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-1862 (GCVE-0-2025-1862)
Vulnerability from cvelistv5 – Published: 2025-09-26 08:18 – Updated: 2025-09-29 12:38
VLAI?
Summary
An arbitrary file upload vulnerability exists in multiple WSO2 products due to improper validation of user-supplied filenames in the BPEL uploader SOAP service endpoint. A malicious actor with administrative privileges can upload arbitrary files to a user-controlled location on the server.
By leveraging this vulnerability, an attacker can upload a specially crafted payload and achieve remote code execution (RCE), potentially compromising the server and its data.
Severity ?
6.7 (Medium)
CWE
- CWE-434 - Unrestricted Upload of File with Dangerous Type
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | |||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| WSO2 | WSO2 Enterprise Integrator |
Affected:
6.6.0 , < 6.6.0.215
(custom)
|
|||||||||||||||||
|
|||||||||||||||||||
Credits
Luk Luk
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-1862",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-27T03:55:27.361521Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-29T12:38:07.003Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "WSO2 Enterprise Integrator",
"vendor": "WSO2",
"versions": [
{
"lessThan": "6.6.0.215",
"status": "affected",
"version": "6.6.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Identity Server",
"vendor": "WSO2",
"versions": [
{
"lessThan": "5.10.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "5.10.0.347",
"status": "affected",
"version": "5.10.0",
"versionType": "custom"
},
{
"lessThan": "5.11.0.396",
"status": "affected",
"version": "5.11.0",
"versionType": "custom"
},
{
"lessThan": "6.0.0.232",
"status": "affected",
"version": "6.0.0",
"versionType": "custom"
},
{
"lessThan": "6.1.0.224",
"status": "affected",
"version": "6.1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Open Banking IAM",
"vendor": "WSO2",
"versions": [
{
"lessThan": "2.0.0.391",
"status": "affected",
"version": "2.0.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Identity Server as Key Manager",
"vendor": "WSO2",
"versions": [
{
"lessThan": "5.10.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "5.10.0.340",
"status": "affected",
"version": "5.10.0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Luk Luk"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An arbitrary file upload vulnerability exists in multiple WSO2 products due to improper validation of user-supplied filenames in the BPEL uploader SOAP service endpoint. A malicious actor with administrative privileges can upload arbitrary files to a user-controlled location on the server.\n\u003cbr\u003e\u003cbr\u003eBy leveraging this vulnerability, an attacker can upload a specially crafted payload and achieve remote code execution (RCE), potentially compromising the server and its data.\u003cbr\u003e"
}
],
"value": "An arbitrary file upload vulnerability exists in multiple WSO2 products due to improper validation of user-supplied filenames in the BPEL uploader SOAP service endpoint. A malicious actor with administrative privileges can upload arbitrary files to a user-controlled location on the server.\n\n\nBy leveraging this vulnerability, an attacker can upload a specially crafted payload and achieve remote code execution (RCE), potentially compromising the server and its data."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-434",
"description": "CWE-434 Unrestricted Upload of File with Dangerous Type",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-26T08:18:21.708Z",
"orgId": "ed10eef1-636d-4fbe-9993-6890dfa878f8",
"shortName": "WSO2"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-3992/"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: transparent;\"\u003eFollow the instructions given on \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-3992/#solution\"\u003e\u003cspan style=\"background-color: transparent;\"\u003ehttps://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-3992/#solution\u003c/span\u003e\u003c/a\u003e \u003cbr\u003e"
}
],
"value": "Follow the instructions given on https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-3992/#solution https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-3992/#solution"
}
],
"source": {
"advisory": "WSO2-2025-3992",
"discovery": "EXTERNAL"
},
"title": "Authenticated Arbitrary File Upload in Multiple WSO2 Products via BPEL Uploader SOAP Service Leading to Remote Code Execution",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "ed10eef1-636d-4fbe-9993-6890dfa878f8",
"assignerShortName": "WSO2",
"cveId": "CVE-2025-1862",
"datePublished": "2025-09-26T08:18:21.708Z",
"dateReserved": "2025-03-03T04:53:13.295Z",
"dateUpdated": "2025-09-29T12:38:07.003Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-1396 (GCVE-0-2025-1396)
Vulnerability from cvelistv5 – Published: 2025-09-26 07:52 – Updated: 2025-09-30 15:43
VLAI?
Summary
A username enumeration vulnerability exists in multiple WSO2 products when Multi-Attribute Login is enabled. In this configuration, the system returns a distinct "User does not exist" error message to the login form, regardless of the validate_username setting. This behavior allows malicious actors to determine which usernames exist in the system based on observable discrepancies in the application's responses.
Exploitation of this vulnerability could aid in brute-force attacks, targeted phishing campaigns, or other social engineering techniques by confirming the validity of user identifiers within the system.
Severity ?
CWE
- CWE-203 - Observable Discrepancy
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| WSO2 | WSO2 Identity Server |
Unknown:
0 , < 5.10.0
(custom)
Affected: 5.10.0 , < 5.10.0.346 (custom) Affected: 5.11.0 , < 5.11.0.395 (custom) Affected: 6.0.0 , < 6.0.0.231 (custom) Affected: 6.1.0 , < 6.1.0.223 (custom) |
||||||||||||
|
||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-1396",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-30T15:43:25.782305Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-30T15:43:31.106Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "WSO2 Identity Server",
"vendor": "WSO2",
"versions": [
{
"lessThan": "5.10.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "5.10.0.346",
"status": "affected",
"version": "5.10.0",
"versionType": "custom"
},
{
"lessThan": "5.11.0.395",
"status": "affected",
"version": "5.11.0",
"versionType": "custom"
},
{
"lessThan": "6.0.0.231",
"status": "affected",
"version": "6.0.0",
"versionType": "custom"
},
{
"lessThan": "6.1.0.223",
"status": "affected",
"version": "6.1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Open Banking IAM",
"vendor": "WSO2",
"versions": [
{
"lessThan": "2.0.0.390",
"status": "affected",
"version": "2.0.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Identity Server as Key Manager",
"vendor": "WSO2",
"versions": [
{
"lessThan": "5.10.0.339",
"status": "affected",
"version": "5.10.0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eA username enumeration vulnerability exists in multiple WSO2 products when Multi-Attribute Login is enabled. In this configuration, the system returns a distinct \"User does not exist\" error message to the login form, regardless of the validate_username setting. This behavior allows malicious actors to determine which usernames exist in the system based on observable discrepancies in the application\u0027s responses.\u003cbr\u003e\u003c/p\u003e\u003cb\u003e\u003c/b\u003e\u003cp\u003eExploitation of this vulnerability could aid in brute-force attacks, targeted phishing campaigns, or other social engineering techniques by confirming the validity of user identifiers within the system.\u003cbr\u003e\u003c/p\u003e\u003cb\u003e\u003c/b\u003e"
}
],
"value": "A username enumeration vulnerability exists in multiple WSO2 products when Multi-Attribute Login is enabled. In this configuration, the system returns a distinct \"User does not exist\" error message to the login form, regardless of the validate_username setting. This behavior allows malicious actors to determine which usernames exist in the system based on observable discrepancies in the application\u0027s responses.\n\n\nExploitation of this vulnerability could aid in brute-force attacks, targeted phishing campaigns, or other social engineering techniques by confirming the validity of user identifiers within the system."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-203",
"description": "CWE-203 Observable Discrepancy",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-26T08:19:45.872Z",
"orgId": "ed10eef1-636d-4fbe-9993-6890dfa878f8",
"shortName": "WSO2"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-3983/"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: transparent;\"\u003eFollow the instructions given on \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-3983/#solution\"\u003e\u003cspan style=\"background-color: transparent;\"\u003ehttps://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-3983/#solution\u003c/span\u003e\u003c/a\u003e \u003cbr\u003e"
}
],
"value": "Follow the instructions given on https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-3983/#solution https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-3983/#solution"
}
],
"source": {
"advisory": "WSO2-2025-3983",
"discovery": "INTERNAL"
},
"title": "Username Enumeration in Multiple WSO2 Products with Multi-Attribute Login Enabled",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "ed10eef1-636d-4fbe-9993-6890dfa878f8",
"assignerShortName": "WSO2",
"cveId": "CVE-2025-1396",
"datePublished": "2025-09-26T07:52:52.297Z",
"dateReserved": "2025-02-17T14:17:42.038Z",
"dateUpdated": "2025-09-30T15:43:31.106Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-0672 (GCVE-0-2025-0672)
Vulnerability from cvelistv5 – Published: 2025-09-23 17:30 – Updated: 2025-09-25 16:01
VLAI?
Summary
An authentication bypass vulnerability exists in multiple WSO2 products when FIDO authentication is enabled. When a user account is deleted, the system does not automatically remove associated FIDO registration data. If a new user account is later created using the same username, the system may associate the new account with the previously registered FIDO device.
This flaw may allow a previously deleted user to authenticate using their FIDO credentials and impersonate the newly created user, resulting in unauthorized access. The vulnerability applies only to deployments that utilize FIDO-based authentication.
Severity ?
CWE
- CWE-287 - Improper Authentication
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| WSO2 | WSO2 Identity Server as Key Manager |
Unknown:
0 , < 5.10.0
(custom)
Affected: 5.10.0 , < 5.10.0.338 (custom) |
||||||||||||
|
||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-0672",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-23T18:30:32.258796Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-287",
"description": "CWE-287 Improper Authentication",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-25T16:01:00.676Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "WSO2 Identity Server as Key Manager",
"vendor": "WSO2",
"versions": [
{
"lessThan": "5.10.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "5.10.0.338",
"status": "affected",
"version": "5.10.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Identity Server",
"vendor": "WSO2",
"versions": [
{
"lessThan": "5.10.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "5.10.0.345",
"status": "affected",
"version": "5.10.0",
"versionType": "custom"
},
{
"lessThan": "5.11.0.394",
"status": "affected",
"version": "5.11.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Open Banking IAM",
"vendor": "WSO2",
"versions": [
{
"lessThan": "2.0.0.389",
"status": "affected",
"version": "2.0.0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An authentication bypass vulnerability exists in multiple WSO2 products when FIDO authentication is enabled. When a user account is deleted, the system does not automatically remove associated FIDO registration data. If a new user account is later created using the same username, the system may associate the new account with the previously registered FIDO device.\u003cbr\u003e\u003cbr\u003eThis flaw may allow a previously deleted user to authenticate using their FIDO credentials and impersonate the newly created user, resulting in unauthorized access. The vulnerability applies only to deployments that utilize FIDO-based authentication.\u003cbr\u003e"
}
],
"value": "An authentication bypass vulnerability exists in multiple WSO2 products when FIDO authentication is enabled. When a user account is deleted, the system does not automatically remove associated FIDO registration data. If a new user account is later created using the same username, the system may associate the new account with the previously registered FIDO device.\n\nThis flaw may allow a previously deleted user to authenticate using their FIDO credentials and impersonate the newly created user, resulting in unauthorized access. The vulnerability applies only to deployments that utilize FIDO-based authentication."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-23T17:30:42.687Z",
"orgId": "ed10eef1-636d-4fbe-9993-6890dfa878f8",
"shortName": "WSO2"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-3134/"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: transparent;\"\u003eFollow the instructions given on \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-3134/#solution\"\u003e\u003cspan style=\"background-color: transparent;\"\u003ehttps://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-3134/#solution\u003c/span\u003e\u003c/a\u003e \u003cbr\u003e"
}
],
"value": "Follow the instructions given on https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-3134/#solution https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-3134/#solution"
}
],
"source": {
"advisory": "WSO2-2025-3134",
"discovery": "INTERNAL"
},
"title": "Authentication Bypass in Multiple WSO2 Products via Stale FIDO Credential Association",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "ed10eef1-636d-4fbe-9993-6890dfa878f8",
"assignerShortName": "WSO2",
"cveId": "CVE-2025-0672",
"datePublished": "2025-09-23T17:30:42.687Z",
"dateReserved": "2025-01-23T13:38:31.988Z",
"dateUpdated": "2025-09-25T16:01:00.676Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-10853 (GCVE-0-2025-10853)
Vulnerability from nvd – Published: 2025-11-05 19:21 – Updated: 2025-11-05 19:58
VLAI?
Summary
A reflected cross-site scripting (XSS) vulnerability exists in the management console of multiple WSO2 products due to improper output encoding. By tampering with specific parameters, a malicious actor can inject arbitrary JavaScript into the response, leading to reflected XSS.
Successful exploitation could result in UI manipulation, redirection to malicious websites, or data theft from the browser. However, session-related sensitive cookies are protected with the httpOnly flag, which mitigates the risk of session hijacking.
Severity ?
5.2 (Medium)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| WSO2 | WSO2 Open Banking IAM |
Unknown:
0 , < 2.0.0
(custom)
Affected: 2.0.0 , < 2.0.0.413 (custom) |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Credits
crnković
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-10853",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-05T19:51:26.535789Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-11-05T19:58:21.875Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "WSO2 Open Banking IAM",
"vendor": "WSO2",
"versions": [
{
"lessThan": "2.0.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "2.0.0.413",
"status": "affected",
"version": "2.0.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 API Manager",
"vendor": "WSO2",
"versions": [
{
"lessThan": "3.1.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "3.1.0.344",
"status": "affected",
"version": "3.1.0",
"versionType": "custom"
},
{
"lessThan": "3.2.0.445",
"status": "affected",
"version": "3.2.0",
"versionType": "custom"
},
{
"lessThan": "3.2.1.65",
"status": "affected",
"version": "3.2.1",
"versionType": "custom"
},
{
"lessThan": "4.0.0.365",
"status": "affected",
"version": "4.0.0",
"versionType": "custom"
},
{
"lessThan": "4.1.0.227",
"status": "affected",
"version": "4.1.0",
"versionType": "custom"
},
{
"lessThan": "4.2.0.167",
"status": "affected",
"version": "4.2.0",
"versionType": "custom"
},
{
"lessThan": "4.3.0.79",
"status": "affected",
"version": "4.3.0",
"versionType": "custom"
},
{
"lessThan": "4.4.0.43",
"status": "affected",
"version": "4.4.0",
"versionType": "custom"
},
{
"lessThan": "4.5.0.26",
"status": "affected",
"version": "4.5.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Identity Server",
"vendor": "WSO2",
"versions": [
{
"lessThan": "5.10.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "5.10.0.373",
"status": "affected",
"version": "5.10.0",
"versionType": "custom"
},
{
"lessThan": "5.11.0.417",
"status": "affected",
"version": "5.11.0",
"versionType": "custom"
},
{
"lessThan": "6.0.0.247",
"status": "affected",
"version": "6.0.0",
"versionType": "custom"
},
{
"lessThan": "6.1.0.246",
"status": "affected",
"version": "6.1.0",
"versionType": "custom"
},
{
"lessThan": "7.0.0.122",
"status": "affected",
"version": "7.0.0",
"versionType": "custom"
},
{
"lessThan": "7.1.0.29",
"status": "affected",
"version": "7.1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Open Banking AM",
"vendor": "WSO2",
"versions": [
{
"lessThan": "2.0.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "2.0.0.393",
"status": "affected",
"version": "2.0.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Identity Server as Key Manager",
"vendor": "WSO2",
"versions": [
{
"lessThan": "5.10.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "5.10.0.363",
"status": "affected",
"version": "5.10.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Enterprise Integrator",
"vendor": "WSO2",
"versions": [
{
"lessThan": "6.6.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "6.6.0.223",
"status": "affected",
"version": "6.6.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 API Control Plane",
"vendor": "WSO2",
"versions": [
{
"lessThan": "4.5.0.27",
"status": "affected",
"version": "4.5.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Universal Gateway",
"vendor": "WSO2",
"versions": [
{
"lessThan": "4.5.0.25",
"status": "affected",
"version": "4.5.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Traffic Manager",
"vendor": "WSO2",
"versions": [
{
"lessThan": "4.5.0.25",
"status": "affected",
"version": "4.5.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"packageName": "org.wso2.carbon.registry:org.wso2.carbon.registry.info.ui",
"product": "org.wso2.carbon.registry:org.wso2.carbon.registry.info.ui",
"vendor": "WSO2",
"versions": [
{
"lessThan": "4.7.32.14",
"status": "affected",
"version": "4.7.32",
"versionType": "custom"
},
{
"lessThan": "4.7.35.11",
"status": "affected",
"version": "4.7.35",
"versionType": "custom"
},
{
"lessThan": "4.7.39.9",
"status": "affected",
"version": "4.7.39",
"versionType": "custom"
},
{
"lessThan": "4.7.51.4",
"status": "affected",
"version": "4.7.51",
"versionType": "custom"
},
{
"lessThan": "4.8.3.9",
"status": "affected",
"version": "4.8.3",
"versionType": "custom"
},
{
"lessThan": "4.8.13.6",
"status": "affected",
"version": "4.8.13",
"versionType": "custom"
},
{
"lessThan": "4.8.32.3",
"status": "affected",
"version": "4.8.32",
"versionType": "custom"
},
{
"lessThan": "4.8.36.1",
"status": "affected",
"version": "4.8.36",
"versionType": "custom"
},
{
"lessThan": "4.8.43.1",
"status": "affected",
"version": "4.8.43",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "4.8.47",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"packageName": "org.wso2.carbon.registry:org.wso2.carbon.registry.resource.ui",
"product": "org.wso2.carbon.registry:org.wso2.carbon.registry.resource.ui",
"vendor": "WSO2",
"versions": [
{
"lessThan": "4.7.24.7",
"status": "affected",
"version": "4.7.24",
"versionType": "custom"
},
{
"lessThan": "4.7.32.14",
"status": "affected",
"version": "4.7.32",
"versionType": "custom"
},
{
"lessThan": "4.7.33.13",
"status": "affected",
"version": "4.7.33",
"versionType": "custom"
},
{
"lessThan": "4.7.35.11",
"status": "affected",
"version": "4.7.35",
"versionType": "custom"
},
{
"lessThan": "4.7.39.9",
"status": "affected",
"version": "4.7.39",
"versionType": "custom"
},
{
"lessThan": "4.7.51.4",
"status": "affected",
"version": "4.7.51",
"versionType": "custom"
},
{
"lessThan": "4.8.3.9",
"status": "affected",
"version": "4.8.3",
"versionType": "custom"
},
{
"lessThan": "4.8.9.5",
"status": "affected",
"version": "4.8.9",
"versionType": "custom"
},
{
"lessThan": "4.8.12.5",
"status": "affected",
"version": "4.8.12",
"versionType": "custom"
},
{
"lessThan": "4.8.13.6",
"status": "affected",
"version": "4.8.13",
"versionType": "custom"
},
{
"lessThan": "4.8.24.3",
"status": "affected",
"version": "4.8.24",
"versionType": "custom"
},
{
"lessThan": "4.8.32.3",
"status": "affected",
"version": "4.8.32",
"versionType": "custom"
},
{
"lessThan": "4.8.36.1",
"status": "affected",
"version": "4.8.36",
"versionType": "custom"
},
{
"lessThan": "4.8.43.1",
"status": "affected",
"version": "4.8.43",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "4.8.47",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"packageName": "org.wso2.carbon.governance:org.wso2.carbon.governance.wsdltool.ui",
"product": "org.wso2.carbon.governance:org.wso2.carbon.governance.wsdltool.ui",
"vendor": "WSO2",
"versions": [
{
"lessThan": "4.8.19.5",
"status": "affected",
"version": "4.8.19",
"versionType": "custom"
},
{
"lessThan": "4.8.21.9",
"status": "affected",
"version": "4.8.21",
"versionType": "custom"
},
{
"lessThan": "4.8.28.3",
"status": "affected",
"version": "4.8.28",
"versionType": "custom"
},
{
"lessThan": "4.8.30.3",
"status": "affected",
"version": "4.8.30",
"versionType": "custom"
},
{
"lessThan": "4.8.32.1",
"status": "affected",
"version": "4.8.32",
"versionType": "custom"
},
{
"lessThan": "4.8.33.3",
"status": "affected",
"version": "4.8.33",
"versionType": "custom"
},
{
"lessThan": "4.8.34.3",
"status": "affected",
"version": "4.8.34",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "4.8.35",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"packageName": "org.wso2.carbon.identity.inbound.auth.oauth2:org.wso2.carbon.identity.oauth.ui",
"product": "org.wso2.carbon.identity.inbound.auth.oauth2:org.wso2.carbon.identity.oauth.ui",
"vendor": "WSO2",
"versions": [
{
"lessThan": "6.4.2.165",
"status": "affected",
"version": "6.4.2",
"versionType": "custom"
},
{
"lessThan": "6.4.111.155",
"status": "affected",
"version": "6.4.111",
"versionType": "custom"
},
{
"lessThan": "6.4.176.28",
"status": "affected",
"version": "6.4.176",
"versionType": "custom"
},
{
"lessThan": "6.4.180.12",
"status": "affected",
"version": "6.4.180",
"versionType": "custom"
},
{
"lessThan": "6.9.6.26",
"status": "affected",
"version": "6.9.6",
"versionType": "custom"
},
{
"lessThan": "6.13.16.19",
"status": "affected",
"version": "6.13.16",
"versionType": "custom"
},
{
"lessThan": "6.13.19.12",
"status": "affected",
"version": "6.13.19",
"versionType": "custom"
},
{
"lessThan": "6.13.27.5",
"status": "affected",
"version": "6.13.27",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.13.*",
"status": "unaffected",
"version": "6.13.38",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "7.0.349",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:wso2_open_banking_iam:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.0.0.413",
"versionStartIncluding": "2.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.1.0.344",
"versionStartIncluding": "3.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.2.0.445",
"versionStartIncluding": "3.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.2.1.65",
"versionStartIncluding": "3.2.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.0.0.365",
"versionStartIncluding": "4.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.1.0.227",
"versionStartIncluding": "4.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.2.0.167",
"versionStartIncluding": "4.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.3.0.79",
"versionStartIncluding": "4.3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.4.0.43",
"versionStartIncluding": "4.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.5.0.26",
"versionStartIncluding": "4.5.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:wso2_identity_server:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.10.0.373",
"versionStartIncluding": "5.10.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_identity_server:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.11.0.417",
"versionStartIncluding": "5.11.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_identity_server:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.0.0.247",
"versionStartIncluding": "6.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_identity_server:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.1.0.246",
"versionStartIncluding": "6.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_identity_server:*:*:*:*:*:*:*:*",
"versionEndExcluding": "7.0.0.122",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_identity_server:*:*:*:*:*:*:*:*",
"versionEndExcluding": "7.1.0.29",
"versionStartIncluding": "7.1.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:wso2_open_banking_am:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.0.0.393",
"versionStartIncluding": "2.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:wso2_identity_server_as_key_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.10.0.363",
"versionStartIncluding": "5.10.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:wso2_enterprise_integrator:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.6.0.223",
"versionStartIncluding": "6.6.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:wso2_api_control_plane:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.5.0.27",
"versionStartIncluding": "4.5.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:wso2_universal_gateway:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.5.0.25",
"versionStartIncluding": "4.5.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:wso2_traffic_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.5.0.25",
"versionStartIncluding": "4.5.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.registry_org.wso2.carbon.registry.info.ui:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.7.32.14",
"versionStartIncluding": "4.7.32",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.registry_org.wso2.carbon.registry.info.ui:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.7.35.11",
"versionStartIncluding": "4.7.35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.registry_org.wso2.carbon.registry.info.ui:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.7.39.9",
"versionStartIncluding": "4.7.39",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.registry_org.wso2.carbon.registry.info.ui:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.7.51.4",
"versionStartIncluding": "4.7.51",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.registry_org.wso2.carbon.registry.info.ui:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.8.3.9",
"versionStartIncluding": "4.8.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.registry_org.wso2.carbon.registry.info.ui:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.8.13.6",
"versionStartIncluding": "4.8.13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.registry_org.wso2.carbon.registry.info.ui:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.8.32.3",
"versionStartIncluding": "4.8.32",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.registry_org.wso2.carbon.registry.info.ui:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.8.36.1",
"versionStartIncluding": "4.8.36",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.registry_org.wso2.carbon.registry.info.ui:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.8.43.1",
"versionStartIncluding": "4.8.43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.registry_org.wso2.carbon.registry.info.ui:*:*:*:*:*:*:*:*",
"versionEndIncluding": "*",
"versionStartIncluding": "4.8.47",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.registry_org.wso2.carbon.registry.resource.ui:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.7.24.7",
"versionStartIncluding": "4.7.24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.registry_org.wso2.carbon.registry.resource.ui:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.7.32.14",
"versionStartIncluding": "4.7.32",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.registry_org.wso2.carbon.registry.resource.ui:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.7.33.13",
"versionStartIncluding": "4.7.33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.registry_org.wso2.carbon.registry.resource.ui:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.7.35.11",
"versionStartIncluding": "4.7.35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.registry_org.wso2.carbon.registry.resource.ui:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.7.39.9",
"versionStartIncluding": "4.7.39",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.registry_org.wso2.carbon.registry.resource.ui:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.7.51.4",
"versionStartIncluding": "4.7.51",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.registry_org.wso2.carbon.registry.resource.ui:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.8.3.9",
"versionStartIncluding": "4.8.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.registry_org.wso2.carbon.registry.resource.ui:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.8.9.5",
"versionStartIncluding": "4.8.9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.registry_org.wso2.carbon.registry.resource.ui:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.8.12.5",
"versionStartIncluding": "4.8.12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.registry_org.wso2.carbon.registry.resource.ui:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.8.13.6",
"versionStartIncluding": "4.8.13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.registry_org.wso2.carbon.registry.resource.ui:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.8.24.3",
"versionStartIncluding": "4.8.24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.registry_org.wso2.carbon.registry.resource.ui:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.8.32.3",
"versionStartIncluding": "4.8.32",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.registry_org.wso2.carbon.registry.resource.ui:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.8.36.1",
"versionStartIncluding": "4.8.36",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.registry_org.wso2.carbon.registry.resource.ui:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.8.43.1",
"versionStartIncluding": "4.8.43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.registry_org.wso2.carbon.registry.resource.ui:*:*:*:*:*:*:*:*",
"versionEndIncluding": "*",
"versionStartIncluding": "4.8.47",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.governance_org.wso2.carbon.governance.wsdltool.ui:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.8.19.5",
"versionStartIncluding": "4.8.19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.governance_org.wso2.carbon.governance.wsdltool.ui:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.8.21.9",
"versionStartIncluding": "4.8.21",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.governance_org.wso2.carbon.governance.wsdltool.ui:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.8.28.3",
"versionStartIncluding": "4.8.28",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.governance_org.wso2.carbon.governance.wsdltool.ui:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.8.30.3",
"versionStartIncluding": "4.8.30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.governance_org.wso2.carbon.governance.wsdltool.ui:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.8.32.1",
"versionStartIncluding": "4.8.32",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.governance_org.wso2.carbon.governance.wsdltool.ui:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.8.33.3",
"versionStartIncluding": "4.8.33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.governance_org.wso2.carbon.governance.wsdltool.ui:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.8.34.3",
"versionStartIncluding": "4.8.34",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.governance_org.wso2.carbon.governance.wsdltool.ui:*:*:*:*:*:*:*:*",
"versionEndIncluding": "*",
"versionStartIncluding": "4.8.35",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.identity.inbound.auth.oauth2_org.wso2.carbon.identity.oauth.ui:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.4.2.165",
"versionStartIncluding": "6.4.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.identity.inbound.auth.oauth2_org.wso2.carbon.identity.oauth.ui:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.4.111.155",
"versionStartIncluding": "6.4.111",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.identity.inbound.auth.oauth2_org.wso2.carbon.identity.oauth.ui:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.4.176.28",
"versionStartIncluding": "6.4.176",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.identity.inbound.auth.oauth2_org.wso2.carbon.identity.oauth.ui:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.4.180.12",
"versionStartIncluding": "6.4.180",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.identity.inbound.auth.oauth2_org.wso2.carbon.identity.oauth.ui:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.9.6.26",
"versionStartIncluding": "6.9.6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.identity.inbound.auth.oauth2_org.wso2.carbon.identity.oauth.ui:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.13.16.19",
"versionStartIncluding": "6.13.16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.identity.inbound.auth.oauth2_org.wso2.carbon.identity.oauth.ui:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.13.19.12",
"versionStartIncluding": "6.13.19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.identity.inbound.auth.oauth2_org.wso2.carbon.identity.oauth.ui:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.13.27.5",
"versionStartIncluding": "6.13.27",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.identity.inbound.auth.oauth2_org.wso2.carbon.identity.oauth.ui:*:*:*:*:*:*:*:*",
"versionEndIncluding": "6.13.*",
"versionStartIncluding": "6.13.38",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.identity.inbound.auth.oauth2_org.wso2.carbon.identity.oauth.ui:*:*:*:*:*:*:*:*",
"versionEndIncluding": "*",
"versionStartIncluding": "7.0.349",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "crnkovi\u0107"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A reflected cross-site scripting (XSS) vulnerability exists in the management console of multiple WSO2 products due to improper output encoding. By tampering with specific parameters, a malicious actor can inject arbitrary JavaScript into the response, leading to reflected XSS.\u003cbr\u003e\u003cbr\u003eSuccessful exploitation could result in UI manipulation, redirection to malicious websites, or data theft from the browser. However, session-related sensitive cookies are protected with the httpOnly flag, which mitigates the risk of session hijacking."
}
],
"value": "A reflected cross-site scripting (XSS) vulnerability exists in the management console of multiple WSO2 products due to improper output encoding. By tampering with specific parameters, a malicious actor can inject arbitrary JavaScript into the response, leading to reflected XSS.\n\nSuccessful exploitation could result in UI manipulation, redirection to malicious websites, or data theft from the browser. However, session-related sensitive cookies are protected with the httpOnly flag, which mitigates the risk of session hijacking."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or \u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-05T19:21:32.971Z",
"orgId": "ed10eef1-636d-4fbe-9993-6890dfa878f8",
"shortName": "WSO2"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-4486/"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: transparent;\"\u003eFollow the instructions given on \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-4486/#solution\"\u003e\u003cspan style=\"background-color: transparent;\"\u003ehttps://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-4486/#solution\u003c/span\u003e\u003c/a\u003e \u003cbr\u003e"
}
],
"value": "Follow the instructions given on https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-4486/#solution"
}
],
"source": {
"advisory": "WSO2-2025-4486",
"discovery": "EXTERNAL"
},
"title": "Reflected Cross-Site Scripting (XSS) in Management Console of Multiple WSO2 Products Due to Improper Output Encoding",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "ed10eef1-636d-4fbe-9993-6890dfa878f8",
"assignerShortName": "WSO2",
"cveId": "CVE-2025-10853",
"datePublished": "2025-11-05T19:21:32.971Z",
"dateReserved": "2025-09-22T10:42:09.872Z",
"dateUpdated": "2025-11-05T19:58:21.875Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-10907 (GCVE-0-2025-10907)
Vulnerability from nvd – Published: 2025-11-05 18:03 – Updated: 2025-11-05 18:49
VLAI?
Summary
An arbitrary file upload vulnerability exists in multiple WSO2 products due to insufficient validation of uploaded content and destination in SOAP admin services. A malicious actor with administrative privileges can upload a specially crafted file to a user-controlled location within the deployment.
Successful exploitation may lead to remote code execution (RCE) on the server, depending on how the uploaded file is processed. By default, this vulnerability is only exploitable by users with administrative access to the affected SOAP services.
Severity ?
8.4 (High)
CWE
- CWE-434 - Unrestricted Upload of File with Dangerous Type
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| WSO2 | WSO2 API Manager |
Unknown:
0 , < 3.1.0
(custom)
Affected: 3.1.0 , < 3.1.0.345 (custom) Affected: 3.2.0 , < 3.2.0.448 (custom) Affected: 3.2.1 , < 3.2.1.66 (custom) Affected: 4.0.0 , < 4.0.0.367 (custom) Affected: 4.1.0 , < 4.1.0.230 (custom) Affected: 4.2.0 , < 4.2.0.169 (custom) Affected: 4.3.0 , < 4.3.0.81 (custom) Affected: 4.4.0 , < 4.4.0.45 (custom) Affected: 4.5.0 , < 4.5.0.28 (custom) |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Credits
crnković
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-10907",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-05T18:49:26.232581Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-11-05T18:49:44.604Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "WSO2 API Manager",
"vendor": "WSO2",
"versions": [
{
"lessThan": "3.1.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "3.1.0.345",
"status": "affected",
"version": "3.1.0",
"versionType": "custom"
},
{
"lessThan": "3.2.0.448",
"status": "affected",
"version": "3.2.0",
"versionType": "custom"
},
{
"lessThan": "3.2.1.66",
"status": "affected",
"version": "3.2.1",
"versionType": "custom"
},
{
"lessThan": "4.0.0.367",
"status": "affected",
"version": "4.0.0",
"versionType": "custom"
},
{
"lessThan": "4.1.0.230",
"status": "affected",
"version": "4.1.0",
"versionType": "custom"
},
{
"lessThan": "4.2.0.169",
"status": "affected",
"version": "4.2.0",
"versionType": "custom"
},
{
"lessThan": "4.3.0.81",
"status": "affected",
"version": "4.3.0",
"versionType": "custom"
},
{
"lessThan": "4.4.0.45",
"status": "affected",
"version": "4.4.0",
"versionType": "custom"
},
{
"lessThan": "4.5.0.28",
"status": "affected",
"version": "4.5.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Open Banking IAM",
"vendor": "WSO2",
"versions": [
{
"lessThan": "2.0.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "2.0.0.414",
"status": "affected",
"version": "2.0.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Open Banking AM",
"vendor": "WSO2",
"versions": [
{
"lessThan": "2.0.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "2.0.0.394",
"status": "affected",
"version": "2.0.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 API Control Plane",
"vendor": "WSO2",
"versions": [
{
"lessThan": "4.5.0.29",
"status": "affected",
"version": "4.5.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Universal Gateway",
"vendor": "WSO2",
"versions": [
{
"lessThan": "4.5.0.27",
"status": "affected",
"version": "4.5.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Traffic Manager",
"vendor": "WSO2",
"versions": [
{
"lessThan": "4.5.0.27",
"status": "affected",
"version": "4.5.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Micro Integrator",
"vendor": "WSO2",
"versions": [
{
"lessThan": "4.0.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "4.0.0.145",
"status": "affected",
"version": "4.0.0",
"versionType": "custom"
},
{
"lessThan": "4.1.0.147",
"status": "affected",
"version": "4.1.0",
"versionType": "custom"
},
{
"lessThan": "4.2.0.141",
"status": "affected",
"version": "4.2.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Identity Server",
"vendor": "WSO2",
"versions": [
{
"lessThan": "5.10.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "5.10.0.375",
"status": "affected",
"version": "5.10.0",
"versionType": "custom"
},
{
"lessThan": "5.11.0.419",
"status": "affected",
"version": "5.11.0",
"versionType": "custom"
},
{
"lessThan": "6.0.0.248",
"status": "affected",
"version": "6.0.0",
"versionType": "custom"
},
{
"lessThan": "6.1.0.248",
"status": "affected",
"version": "6.1.0",
"versionType": "custom"
},
{
"lessThan": "7.0.0.124",
"status": "affected",
"version": "7.0.0",
"versionType": "custom"
},
{
"lessThan": "7.1.0.31",
"status": "affected",
"version": "7.1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Identity Server as Key Manager",
"vendor": "WSO2",
"versions": [
{
"lessThan": "5.10.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "5.10.0.365",
"status": "affected",
"version": "5.10.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Enterprise Integrator",
"vendor": "WSO2",
"versions": [
{
"lessThan": "6.6.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "6.6.0.224",
"status": "affected",
"version": "6.6.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"packageName": "org.jaggeryjs:org.jaggeryjs.jaggery.app.mgt",
"product": "org.jaggeryjs:org.jaggeryjs.jaggery.app.mgt",
"vendor": "WSO2",
"versions": [
{
"lessThan": "0.14.13.8",
"status": "affected",
"version": "0.14.13",
"versionType": "custom"
},
{
"lessThan": "0.14.16.1",
"status": "affected",
"version": "0.14.16",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"packageName": "org.wso2.carbon.event-processing:org.wso2.carbon.event.simulator.core",
"product": "org.wso2.carbon.event-processing:org.wso2.carbon.event.simulator.core",
"vendor": "WSO2",
"versions": [
{
"lessThan": "2.2.14.7",
"status": "affected",
"version": "2.2.14",
"versionType": "custom"
},
{
"lessThan": "2.2.17.2",
"status": "affected",
"version": "2.2.17",
"versionType": "custom"
},
{
"lessThan": "2.3.1.3",
"status": "affected",
"version": "2.3.1",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "2.3.19",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"packageName": "org.wso2.carbon.mediation:org.wso2.carbon.mediation.library",
"product": "org.wso2.carbon.mediation:org.wso2.carbon.mediation.library",
"vendor": "WSO2",
"versions": [
{
"lessThan": "4.7.30.47",
"status": "affected",
"version": "4.7.30",
"versionType": "custom"
},
{
"lessThan": "4.7.61.62",
"status": "affected",
"version": "4.7.61",
"versionType": "custom"
},
{
"lessThan": "4.7.99.304",
"status": "affected",
"version": "4.7.99",
"versionType": "custom"
},
{
"lessThan": "4.7.131.22",
"status": "affected",
"version": "4.7.131",
"versionType": "custom"
},
{
"lessThan": "4.7.175.30",
"status": "affected",
"version": "4.7.175",
"versionType": "custom"
},
{
"lessThan": "4.7.188.12",
"status": "affected",
"version": "4.7.188",
"versionType": "custom"
},
{
"lessThan": "4.7.204.13",
"status": "affected",
"version": "4.7.204",
"versionType": "custom"
},
{
"lessThan": "4.7.221.7",
"status": "affected",
"version": "4.7.221",
"versionType": "custom"
},
{
"lessThan": "4.7.245.7",
"status": "affected",
"version": "4.7.245",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "4.7.262",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"packageName": "org.wso2.carbon.deployment:org.wso2.carbon.module.mgt",
"product": "org.wso2.carbon.deployment:org.wso2.carbon.module.mgt",
"vendor": "WSO2",
"versions": [
{
"lessThan": "4.9.15.2",
"status": "affected",
"version": "4.9.15",
"versionType": "custom"
},
{
"lessThan": "4.10.1.1",
"status": "affected",
"version": "4.10.1",
"versionType": "custom"
},
{
"lessThan": "4.10.9.2",
"status": "affected",
"version": "4.10.9",
"versionType": "custom"
},
{
"lessThan": "4.11.1.3",
"status": "affected",
"version": "4.11.1",
"versionType": "custom"
},
{
"lessThan": "4.11.3.3",
"status": "affected",
"version": "4.11.3",
"versionType": "custom"
},
{
"lessThan": "4.11.7.5",
"status": "affected",
"version": "4.11.7",
"versionType": "custom"
},
{
"lessThan": "4.11.14.2",
"status": "affected",
"version": "4.11.14",
"versionType": "custom"
},
{
"lessThan": "4.11.17.3",
"status": "affected",
"version": "4.11.17",
"versionType": "custom"
},
{
"lessThan": "4.11.18.1",
"status": "affected",
"version": "4.11.18",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "4.11.24",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"packageName": "org.wso2.carbon.deployment:org.wso2.carbon.webapp.mgt",
"product": "org.wso2.carbon.deployment:org.wso2.carbon.webapp.mgt",
"vendor": "WSO2",
"versions": [
{
"lessThan": "4.10.1.1",
"status": "affected",
"version": "4.10.1",
"versionType": "custom"
},
{
"lessThan": "4.10.9.2",
"status": "affected",
"version": "4.10.9",
"versionType": "custom"
},
{
"lessThan": "4.11.1.3",
"status": "affected",
"version": "4.11.1",
"versionType": "custom"
},
{
"lessThan": "4.11.3.3",
"status": "affected",
"version": "4.11.3",
"versionType": "custom"
},
{
"lessThan": "4.11.7.5",
"status": "affected",
"version": "4.11.7",
"versionType": "custom"
},
{
"lessThan": "4.11.14.2",
"status": "affected",
"version": "4.11.14",
"versionType": "custom"
},
{
"lessThan": "4.11.17.3",
"status": "affected",
"version": "4.11.17",
"versionType": "custom"
},
{
"lessThan": "4.11.18.1",
"status": "affected",
"version": "4.11.18",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "4.11.24",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"packageName": "org.apache.ws.commons.axiom.wso2:axiom",
"product": "org.apache.ws.commons.axiom.wso2:axiom",
"vendor": "WSO2",
"versions": [
{
"lessThan": "1.2.11.wso2v17_5",
"status": "affected",
"version": "1.2.11",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "1.2.11-wso2v21",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"packageName": "org.wso2.carbon:org.wso2.carbon.base",
"product": "org.wso2.carbon:org.wso2.carbon.base",
"vendor": "WSO2",
"versions": [
{
"lessThan": "4.5.3.46",
"status": "affected",
"version": "4.5.3",
"versionType": "custom"
},
{
"lessThan": "4.6.0.2005",
"status": "affected",
"version": "4.6.0",
"versionType": "custom"
},
{
"lessThan": "4.6.1.153",
"status": "affected",
"version": "4.6.1",
"versionType": "custom"
},
{
"lessThan": "4.6.2.668",
"status": "affected",
"version": "4.6.2",
"versionType": "custom"
},
{
"lessThan": "4.6.3.37",
"status": "affected",
"version": "4.6.3",
"versionType": "custom"
},
{
"lessThan": "4.6.4.15",
"status": "affected",
"version": "4.6.4",
"versionType": "custom"
},
{
"lessThan": "4.7.1.72",
"status": "affected",
"version": "4.7.1",
"versionType": "custom"
},
{
"lessThan": "4.8.1.40",
"status": "affected",
"version": "4.8.1",
"versionType": "custom"
},
{
"lessThan": "4.9.0.103",
"status": "affected",
"version": "4.9.0",
"versionType": "custom"
},
{
"lessThan": "4.9.26.26",
"status": "affected",
"version": "4.9.26",
"versionType": "custom"
},
{
"lessThan": "4.9.27.11",
"status": "affected",
"version": "4.9.27",
"versionType": "custom"
},
{
"lessThan": "4.9.28.12",
"status": "affected",
"version": "4.9.28",
"versionType": "custom"
},
{
"lessThan": "4.10.9.71",
"status": "affected",
"version": "4.10.9",
"versionType": "custom"
},
{
"lessThan": "4.10.42.14",
"status": "affected",
"version": "4.10.42",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.9.*",
"status": "unaffected",
"version": "4.9.30",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "4.10.95",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"packageName": "org.wso2.carbon:org.wso2.carbon.utils",
"product": "org.wso2.carbon:org.wso2.carbon.utils",
"vendor": "WSO2",
"versions": [
{
"lessThan": "4.5.3.46",
"status": "affected",
"version": "4.5.3",
"versionType": "custom"
},
{
"lessThan": "4.6.0.2005",
"status": "affected",
"version": "4.6.0",
"versionType": "custom"
},
{
"lessThan": "4.6.1.153",
"status": "affected",
"version": "4.6.1",
"versionType": "custom"
},
{
"lessThan": "4.6.2.668",
"status": "affected",
"version": "4.6.2",
"versionType": "custom"
},
{
"lessThan": "4.6.3.37",
"status": "affected",
"version": "4.6.3",
"versionType": "custom"
},
{
"lessThan": "4.6.4.15",
"status": "affected",
"version": "4.6.4",
"versionType": "custom"
},
{
"lessThan": "4.7.1.72",
"status": "affected",
"version": "4.7.1",
"versionType": "custom"
},
{
"lessThan": "4.8.1.40",
"status": "affected",
"version": "4.8.1",
"versionType": "custom"
},
{
"lessThan": "4.9.0.103",
"status": "affected",
"version": "4.9.0",
"versionType": "custom"
},
{
"lessThan": "4.9.26.26",
"status": "affected",
"version": "4.9.26",
"versionType": "custom"
},
{
"lessThan": "4.9.27.11",
"status": "affected",
"version": "4.9.27",
"versionType": "custom"
},
{
"lessThan": "4.9.28.12",
"status": "affected",
"version": "4.9.28",
"versionType": "custom"
},
{
"lessThan": "4.10.9.71",
"status": "affected",
"version": "4.10.9",
"versionType": "custom"
},
{
"lessThan": "4.10.42.14",
"status": "affected",
"version": "4.10.42",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.9.*",
"status": "unaffected",
"version": "4.9.30",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "4.10.95",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.1.0.345",
"versionStartIncluding": "3.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.2.0.448",
"versionStartIncluding": "3.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.2.1.66",
"versionStartIncluding": "3.2.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.0.0.367",
"versionStartIncluding": "4.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.1.0.230",
"versionStartIncluding": "4.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.2.0.169",
"versionStartIncluding": "4.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.3.0.81",
"versionStartIncluding": "4.3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.4.0.45",
"versionStartIncluding": "4.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.5.0.28",
"versionStartIncluding": "4.5.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:wso2_open_banking_iam:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.0.0.414",
"versionStartIncluding": "2.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:wso2_open_banking_am:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.0.0.394",
"versionStartIncluding": "2.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:wso2_api_control_plane:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.5.0.29",
"versionStartIncluding": "4.5.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:wso2_universal_gateway:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.5.0.27",
"versionStartIncluding": "4.5.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:wso2_traffic_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.5.0.27",
"versionStartIncluding": "4.5.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:wso2_micro_integrator:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.0.0.145",
"versionStartIncluding": "4.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_micro_integrator:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.1.0.147",
"versionStartIncluding": "4.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_micro_integrator:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.2.0.141",
"versionStartIncluding": "4.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:wso2_identity_server:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.10.0.375",
"versionStartIncluding": "5.10.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_identity_server:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.11.0.419",
"versionStartIncluding": "5.11.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_identity_server:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.0.0.248",
"versionStartIncluding": "6.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_identity_server:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.1.0.248",
"versionStartIncluding": "6.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_identity_server:*:*:*:*:*:*:*:*",
"versionEndExcluding": "7.0.0.124",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_identity_server:*:*:*:*:*:*:*:*",
"versionEndExcluding": "7.1.0.31",
"versionStartIncluding": "7.1.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:wso2_identity_server_as_key_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.10.0.365",
"versionStartIncluding": "5.10.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:wso2_enterprise_integrator:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.6.0.224",
"versionStartIncluding": "6.6.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:org.jaggeryjs_org.jaggeryjs.jaggery.app.mgt:*:*:*:*:*:*:*:*",
"versionEndExcluding": "0.14.13.8",
"versionStartIncluding": "0.14.13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.jaggeryjs_org.jaggeryjs.jaggery.app.mgt:*:*:*:*:*:*:*:*",
"versionEndExcluding": "0.14.16.1",
"versionStartIncluding": "0.14.16",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.event-processing_org.wso2.carbon.event.simulator.core:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.2.14.7",
"versionStartIncluding": "2.2.14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.event-processing_org.wso2.carbon.event.simulator.core:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.2.17.2",
"versionStartIncluding": "2.2.17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.event-processing_org.wso2.carbon.event.simulator.core:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.3.1.3",
"versionStartIncluding": "2.3.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.event-processing_org.wso2.carbon.event.simulator.core:*:*:*:*:*:*:*:*",
"versionEndIncluding": "*",
"versionStartIncluding": "2.3.19",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.mediation_org.wso2.carbon.mediation.library:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.7.30.47",
"versionStartIncluding": "4.7.30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.mediation_org.wso2.carbon.mediation.library:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.7.61.62",
"versionStartIncluding": "4.7.61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.mediation_org.wso2.carbon.mediation.library:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.7.99.304",
"versionStartIncluding": "4.7.99",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.mediation_org.wso2.carbon.mediation.library:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.7.131.22",
"versionStartIncluding": "4.7.131",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.mediation_org.wso2.carbon.mediation.library:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.7.175.30",
"versionStartIncluding": "4.7.175",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.mediation_org.wso2.carbon.mediation.library:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.7.188.12",
"versionStartIncluding": "4.7.188",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.mediation_org.wso2.carbon.mediation.library:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.7.204.13",
"versionStartIncluding": "4.7.204",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.mediation_org.wso2.carbon.mediation.library:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.7.221.7",
"versionStartIncluding": "4.7.221",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.mediation_org.wso2.carbon.mediation.library:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.7.245.7",
"versionStartIncluding": "4.7.245",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.mediation_org.wso2.carbon.mediation.library:*:*:*:*:*:*:*:*",
"versionEndIncluding": "*",
"versionStartIncluding": "4.7.262",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.deployment_org.wso2.carbon.module.mgt:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.9.15.2",
"versionStartIncluding": "4.9.15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.deployment_org.wso2.carbon.module.mgt:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.10.1.1",
"versionStartIncluding": "4.10.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.deployment_org.wso2.carbon.module.mgt:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.10.9.2",
"versionStartIncluding": "4.10.9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.deployment_org.wso2.carbon.module.mgt:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.11.1.3",
"versionStartIncluding": "4.11.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.deployment_org.wso2.carbon.module.mgt:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.11.3.3",
"versionStartIncluding": "4.11.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.deployment_org.wso2.carbon.module.mgt:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.11.7.5",
"versionStartIncluding": "4.11.7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.deployment_org.wso2.carbon.module.mgt:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.11.14.2",
"versionStartIncluding": "4.11.14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.deployment_org.wso2.carbon.module.mgt:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.11.17.3",
"versionStartIncluding": "4.11.17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.deployment_org.wso2.carbon.module.mgt:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.11.18.1",
"versionStartIncluding": "4.11.18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.deployment_org.wso2.carbon.module.mgt:*:*:*:*:*:*:*:*",
"versionEndIncluding": "*",
"versionStartIncluding": "4.11.24",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.deployment_org.wso2.carbon.webapp.mgt:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.10.1.1",
"versionStartIncluding": "4.10.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.deployment_org.wso2.carbon.webapp.mgt:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.10.9.2",
"versionStartIncluding": "4.10.9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.deployment_org.wso2.carbon.webapp.mgt:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.11.1.3",
"versionStartIncluding": "4.11.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.deployment_org.wso2.carbon.webapp.mgt:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.11.3.3",
"versionStartIncluding": "4.11.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.deployment_org.wso2.carbon.webapp.mgt:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.11.7.5",
"versionStartIncluding": "4.11.7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.deployment_org.wso2.carbon.webapp.mgt:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.11.14.2",
"versionStartIncluding": "4.11.14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.deployment_org.wso2.carbon.webapp.mgt:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.11.17.3",
"versionStartIncluding": "4.11.17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.deployment_org.wso2.carbon.webapp.mgt:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.11.18.1",
"versionStartIncluding": "4.11.18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.deployment_org.wso2.carbon.webapp.mgt:*:*:*:*:*:*:*:*",
"versionEndIncluding": "*",
"versionStartIncluding": "4.11.24",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:org.apache.ws.commons.axiom.wso2_axiom:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.2.11.wso2v17_5",
"versionStartIncluding": "1.2.11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.apache.ws.commons.axiom.wso2_axiom:*:*:*:*:*:*:*:*",
"versionEndIncluding": "*",
"versionStartIncluding": "1.2.11-wso2v21",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.base:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.5.3.46",
"versionStartIncluding": "4.5.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.base:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.6.0.2005",
"versionStartIncluding": "4.6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.base:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.6.1.153",
"versionStartIncluding": "4.6.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.base:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.6.2.668",
"versionStartIncluding": "4.6.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.base:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.6.3.37",
"versionStartIncluding": "4.6.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.base:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.6.4.15",
"versionStartIncluding": "4.6.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.base:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.7.1.72",
"versionStartIncluding": "4.7.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.base:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.8.1.40",
"versionStartIncluding": "4.8.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.base:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.9.0.103",
"versionStartIncluding": "4.9.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.base:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.9.26.26",
"versionStartIncluding": "4.9.26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.base:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.9.27.11",
"versionStartIncluding": "4.9.27",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.base:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.9.28.12",
"versionStartIncluding": "4.9.28",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.base:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.10.9.71",
"versionStartIncluding": "4.10.9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.base:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.10.42.14",
"versionStartIncluding": "4.10.42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.base:*:*:*:*:*:*:*:*",
"versionEndIncluding": "4.9.*",
"versionStartIncluding": "4.9.30",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.base:*:*:*:*:*:*:*:*",
"versionEndIncluding": "*",
"versionStartIncluding": "4.10.95",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.utils:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.5.3.46",
"versionStartIncluding": "4.5.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.utils:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.6.0.2005",
"versionStartIncluding": "4.6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.utils:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.6.1.153",
"versionStartIncluding": "4.6.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.utils:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.6.2.668",
"versionStartIncluding": "4.6.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.utils:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.6.3.37",
"versionStartIncluding": "4.6.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.utils:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.6.4.15",
"versionStartIncluding": "4.6.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.utils:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.7.1.72",
"versionStartIncluding": "4.7.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.utils:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.8.1.40",
"versionStartIncluding": "4.8.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.utils:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.9.0.103",
"versionStartIncluding": "4.9.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.utils:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.9.26.26",
"versionStartIncluding": "4.9.26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.utils:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.9.27.11",
"versionStartIncluding": "4.9.27",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.utils:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.9.28.12",
"versionStartIncluding": "4.9.28",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.utils:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.10.9.71",
"versionStartIncluding": "4.10.9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.utils:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.10.42.14",
"versionStartIncluding": "4.10.42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.utils:*:*:*:*:*:*:*:*",
"versionEndIncluding": "4.9.*",
"versionStartIncluding": "4.9.30",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.utils:*:*:*:*:*:*:*:*",
"versionEndIncluding": "*",
"versionStartIncluding": "4.10.95",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "crnkovi\u0107"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An arbitrary file upload vulnerability exists in multiple WSO2 products due to insufficient validation of uploaded content and destination in SOAP admin services. A malicious actor with administrative privileges can upload a specially crafted file to a user-controlled location within the deployment.\u003cbr\u003e\u003cbr\u003eSuccessful exploitation may lead to remote code execution (RCE) on the server, depending on how the uploaded file is processed. By default, this vulnerability is only exploitable by users with administrative access to the affected SOAP services.\u003cbr\u003e"
}
],
"value": "An arbitrary file upload vulnerability exists in multiple WSO2 products due to insufficient validation of uploaded content and destination in SOAP admin services. A malicious actor with administrative privileges can upload a specially crafted file to a user-controlled location within the deployment.\n\nSuccessful exploitation may lead to remote code execution (RCE) on the server, depending on how the uploaded file is processed. By default, this vulnerability is only exploitable by users with administrative access to the affected SOAP services."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-434",
"description": "CWE-434 Unrestricted Upload of File with Dangerous Type",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-05T18:03:49.831Z",
"orgId": "ed10eef1-636d-4fbe-9993-6890dfa878f8",
"shortName": "WSO2"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-4603/"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: transparent;\"\u003eFollow the instructions given on \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-4603/#solution\"\u003e\u003cspan style=\"background-color: transparent;\"\u003ehttps://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-4603/#solution\u003c/span\u003e\u003c/a\u003e \u003cbr\u003e"
}
],
"value": "Follow the instructions given on https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-4603/#solution"
}
],
"source": {
"advisory": "WSO2-2025-4603",
"discovery": "EXTERNAL"
},
"title": "Authenticated Arbitrary File Upload in Multiple WSO2 Products via SOAP Admin Services Leading to Remote Code Execution",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "ed10eef1-636d-4fbe-9993-6890dfa878f8",
"assignerShortName": "WSO2",
"cveId": "CVE-2025-10907",
"datePublished": "2025-11-05T18:03:49.831Z",
"dateReserved": "2025-09-24T09:25:09.461Z",
"dateUpdated": "2025-11-05T18:49:44.604Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-3125 (GCVE-0-2025-3125)
Vulnerability from nvd – Published: 2025-11-05 14:49 – Updated: 2025-11-05 18:59
VLAI?
Summary
An arbitrary file upload vulnerability exists in multiple WSO2 products due to improper input validation in the CarbonAppUploader admin service endpoint. An authenticated attacker with appropriate privileges can upload a malicious file to a user-controlled location on the server, potentially leading to remote code execution (RCE).
This functionality is restricted by default to admin users; therefore, successful exploitation requires valid credentials with administrative permissions.
Severity ?
6.7 (Medium)
CWE
- CWE-434 - Unrestricted Upload of File with Dangerous Type
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| WSO2 | WSO2 Identity Server |
Unknown:
0 , < 5.10.0
(custom)
Affected: 5.10.0 , < 5.10.0.360 (custom) Affected: 5.11.0 , < 5.11.0.399 (custom) Affected: 6.0.0 , < 6.0.0.235 (custom) Affected: 6.1.0 , < 6.1.0.230 (custom) Affected: 7.0.0 , < 7.0.0.101 (custom) Affected: 7.1.0 , < 7.1.0.32 (custom) |
||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||
Credits
Danh Nguyen (k4it0) from VIB Pentest Team
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-3125",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-05T18:58:52.925152Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-11-05T18:59:01.426Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "WSO2 Identity Server",
"vendor": "WSO2",
"versions": [
{
"lessThan": "5.10.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "5.10.0.360",
"status": "affected",
"version": "5.10.0",
"versionType": "custom"
},
{
"lessThan": "5.11.0.399",
"status": "affected",
"version": "5.11.0",
"versionType": "custom"
},
{
"lessThan": "6.0.0.235",
"status": "affected",
"version": "6.0.0",
"versionType": "custom"
},
{
"lessThan": "6.1.0.230",
"status": "affected",
"version": "6.1.0",
"versionType": "custom"
},
{
"lessThan": "7.0.0.101",
"status": "affected",
"version": "7.0.0",
"versionType": "custom"
},
{
"lessThan": "7.1.0.32",
"status": "affected",
"version": "7.1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Enterprise Integrator",
"vendor": "WSO2",
"versions": [
{
"lessThan": "6.6.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "6.6.0.217",
"status": "affected",
"version": "6.6.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Open Banking IAM",
"vendor": "WSO2",
"versions": [
{
"lessThan": "2.0.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "2.0.0.402",
"status": "affected",
"version": "2.0.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Identity Server as Key Manager",
"vendor": "WSO2",
"versions": [
{
"lessThan": "5.10.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "5.10.0.353",
"status": "affected",
"version": "5.10.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 API Manager",
"vendor": "WSO2",
"versions": [
{
"lessThan": "3.2.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "3.2.0.421",
"status": "affected",
"version": "3.2.0",
"versionType": "custom"
},
{
"lessThan": "3.2.1.41",
"status": "affected",
"version": "3.2.1",
"versionType": "custom"
},
{
"lessThan": "4.0.0.342",
"status": "affected",
"version": "4.0.0",
"versionType": "custom"
},
{
"lessThan": "4.1.0.203",
"status": "affected",
"version": "4.1.0",
"versionType": "custom"
},
{
"lessThan": "4.2.0.142",
"status": "affected",
"version": "4.2.0",
"versionType": "custom"
},
{
"lessThan": "4.3.0.55",
"status": "affected",
"version": "4.3.0",
"versionType": "custom"
},
{
"lessThan": "4.4.0.19",
"status": "affected",
"version": "4.4.0",
"versionType": "custom"
},
{
"lessThan": "4.5.0.2",
"status": "affected",
"version": "4.5.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 API Control Plane",
"vendor": "WSO2",
"versions": [
{
"lessThan": "4.5.0.2",
"status": "affected",
"version": "4.5.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Universal Gateway",
"vendor": "WSO2",
"versions": [
{
"lessThan": "4.5.0.2",
"status": "affected",
"version": "4.5.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Traffic Manager",
"vendor": "WSO2",
"versions": [
{
"lessThan": "4.5.0.2",
"status": "affected",
"version": "4.5.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"packageName": "org.wso2.carbon.commons:org.wso2.carbon.application.upload",
"product": "org.wso2.carbon.commons:org.wso2.carbon.application.upload",
"vendor": "WSO2",
"versions": [
{
"lessThan": "4.7.19.7",
"status": "affected",
"version": "4.7.19",
"versionType": "custom"
},
{
"lessThan": "4.7.32.5",
"status": "affected",
"version": "4.7.32",
"versionType": "custom"
},
{
"lessThan": "4.7.35.8",
"status": "affected",
"version": "4.7.35",
"versionType": "custom"
},
{
"lessThan": "4.7.39.1",
"status": "affected",
"version": "4.7.39",
"versionType": "custom"
},
{
"lessThan": "4.7.49.4",
"status": "affected",
"version": "4.7.49",
"versionType": "custom"
},
{
"lessThan": "4.7.52.1",
"status": "affected",
"version": "4.7.52",
"versionType": "custom"
},
{
"lessThan": "4.10.13.1",
"status": "affected",
"version": "4.10.13",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.9.*",
"status": "unaffected",
"version": "4.9.12",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "4.10.24",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:wso2_identity_server:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.10.0.360",
"versionStartIncluding": "5.10.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_identity_server:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.11.0.399",
"versionStartIncluding": "5.11.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_identity_server:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.0.0.235",
"versionStartIncluding": "6.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_identity_server:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.1.0.230",
"versionStartIncluding": "6.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_identity_server:*:*:*:*:*:*:*:*",
"versionEndExcluding": "7.0.0.101",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_identity_server:*:*:*:*:*:*:*:*",
"versionEndExcluding": "7.1.0.32",
"versionStartIncluding": "7.1.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:wso2_enterprise_integrator:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.6.0.217",
"versionStartIncluding": "6.6.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:wso2_open_banking_iam:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.0.0.402",
"versionStartIncluding": "2.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:wso2_identity_server_as_key_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.10.0.353",
"versionStartIncluding": "5.10.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.2.0.421",
"versionStartIncluding": "3.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.2.1.41",
"versionStartIncluding": "3.2.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.0.0.342",
"versionStartIncluding": "4.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.1.0.203",
"versionStartIncluding": "4.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.2.0.142",
"versionStartIncluding": "4.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.3.0.55",
"versionStartIncluding": "4.3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.4.0.19",
"versionStartIncluding": "4.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.5.0.2",
"versionStartIncluding": "4.5.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:wso2_api_control_plane:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.5.0.2",
"versionStartIncluding": "4.5.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:wso2_universal_gateway:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.5.0.2",
"versionStartIncluding": "4.5.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:wso2_traffic_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.5.0.2",
"versionStartIncluding": "4.5.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.commons_org.wso2.carbon.application.upload:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.7.19.7",
"versionStartIncluding": "4.7.19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.commons_org.wso2.carbon.application.upload:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.7.32.5",
"versionStartIncluding": "4.7.32",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.commons_org.wso2.carbon.application.upload:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.7.35.8",
"versionStartIncluding": "4.7.35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.commons_org.wso2.carbon.application.upload:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.7.39.1",
"versionStartIncluding": "4.7.39",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.commons_org.wso2.carbon.application.upload:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.7.49.4",
"versionStartIncluding": "4.7.49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.commons_org.wso2.carbon.application.upload:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.7.52.1",
"versionStartIncluding": "4.7.52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.commons_org.wso2.carbon.application.upload:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.10.13.1",
"versionStartIncluding": "4.10.13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.commons_org.wso2.carbon.application.upload:*:*:*:*:*:*:*:*",
"versionEndIncluding": "4.9.*",
"versionStartIncluding": "4.9.12",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon.commons_org.wso2.carbon.application.upload:*:*:*:*:*:*:*:*",
"versionEndIncluding": "*",
"versionStartIncluding": "4.10.24",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Danh Nguyen (k4it0) from VIB Pentest Team"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An arbitrary file upload vulnerability exists in multiple WSO2 products due to improper input validation in the CarbonAppUploader admin service endpoint. An authenticated attacker with appropriate privileges can upload a malicious file to a user-controlled location on the server, potentially leading to remote code execution (RCE).\u003cbr\u003e\u003cbr\u003eThis functionality is restricted by default to admin users; therefore, successful exploitation requires valid credentials with administrative permissions.\u003cbr\u003e"
}
],
"value": "An arbitrary file upload vulnerability exists in multiple WSO2 products due to improper input validation in the CarbonAppUploader admin service endpoint. An authenticated attacker with appropriate privileges can upload a malicious file to a user-controlled location on the server, potentially leading to remote code execution (RCE).\n\nThis functionality is restricted by default to admin users; therefore, successful exploitation requires valid credentials with administrative permissions."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-434",
"description": "CWE-434 Unrestricted Upload of File with Dangerous Type",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-05T14:50:04.961Z",
"orgId": "ed10eef1-636d-4fbe-9993-6890dfa878f8",
"shortName": "WSO2"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-3961/"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: transparent;\"\u003eFollow the instructions given on \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-3961/#solution\"\u003e\u003cspan style=\"background-color: transparent;\"\u003ehttps://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-3961/#solution\u003c/span\u003e\u003c/a\u003e \u003cbr\u003e"
}
],
"value": "Follow the instructions given on https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-3961/#solution https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-3961/#solution"
}
],
"source": {
"advisory": "WSO2-2025-3961",
"discovery": "EXTERNAL"
},
"title": "Authenticated Arbitrary File Upload in Multiple WSO2 Products via CarbonAppUploader Admin Service Leading to Remote Code Execution",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "ed10eef1-636d-4fbe-9993-6890dfa878f8",
"assignerShortName": "WSO2",
"cveId": "CVE-2025-3125",
"datePublished": "2025-11-05T14:49:44.597Z",
"dateReserved": "2025-04-02T15:12:12.137Z",
"dateUpdated": "2025-11-05T18:59:01.426Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-5605 (GCVE-0-2025-5605)
Vulnerability from nvd – Published: 2025-10-24 10:09 – Updated: 2025-10-24 11:44
VLAI?
Summary
An authentication bypass vulnerability exists in the Management Console of multiple WSO2 products. A malicious actor with access to the console can manipulate the request URI to bypass authentication and access certain restricted resources, resulting in partial information disclosure.
The known exposure from this issue is limited to memory statistics. While the vulnerability does not allow full account compromise, it still enables unauthorized access to internal system details.
Severity ?
4.3 (Medium)
CWE
- CWE-290 - Authentication Bypass by Spoofing
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| WSO2 | WSO2 Identity Server |
Unknown:
0 , < 5.10.0
(custom)
Affected: 5.10.0 , < 5.10.0.361 (custom) Affected: 5.11.0 , < 5.11.0.414 (custom) Affected: 6.0.0 , < 6.0.0.245 (custom) Affected: 6.1.0 , < 6.1.0.244 (custom) Affected: 7.0.0 , < 7.0.0.119 (custom) Affected: 7.1.0 , < 7.1.0.25 (custom) |
|||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||
Credits
Noël Maccary
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-5605",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-24T11:44:00.454638Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-290",
"description": "CWE-290 Authentication Bypass by Spoofing",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-24T11:44:58.987Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "WSO2 Identity Server",
"vendor": "WSO2",
"versions": [
{
"lessThan": "5.10.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "5.10.0.361",
"status": "affected",
"version": "5.10.0",
"versionType": "custom"
},
{
"lessThan": "5.11.0.414",
"status": "affected",
"version": "5.11.0",
"versionType": "custom"
},
{
"lessThan": "6.0.0.245",
"status": "affected",
"version": "6.0.0",
"versionType": "custom"
},
{
"lessThan": "6.1.0.244",
"status": "affected",
"version": "6.1.0",
"versionType": "custom"
},
{
"lessThan": "7.0.0.119",
"status": "affected",
"version": "7.0.0",
"versionType": "custom"
},
{
"lessThan": "7.1.0.25",
"status": "affected",
"version": "7.1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Enterprise Integrator",
"vendor": "WSO2",
"versions": [
{
"lessThan": "6.6.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "6.6.0.217",
"status": "affected",
"version": "6.6.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Universal Gateway",
"vendor": "WSO2",
"versions": [
{
"lessThan": "4.5.0.10",
"status": "affected",
"version": "4.5.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Traffic Manager",
"vendor": "WSO2",
"versions": [
{
"lessThan": "4.5.0.10",
"status": "affected",
"version": "4.5.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 API Manager",
"vendor": "WSO2",
"versions": [
{
"lessThan": "3.1.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "3.1.0.334",
"status": "affected",
"version": "3.1.0",
"versionType": "custom"
},
{
"lessThan": "3.2.0.430",
"status": "affected",
"version": "3.2.0",
"versionType": "custom"
},
{
"lessThan": "3.2.1.48",
"status": "affected",
"version": "3.2.1",
"versionType": "custom"
},
{
"lessThan": "4.0.0.346",
"status": "affected",
"version": "4.0.0",
"versionType": "custom"
},
{
"lessThan": "4.1.0.210",
"status": "affected",
"version": "4.1.0",
"versionType": "custom"
},
{
"lessThan": "4.2.0.148",
"status": "affected",
"version": "4.2.0",
"versionType": "custom"
},
{
"lessThan": "4.3.0.61",
"status": "affected",
"version": "4.3.0",
"versionType": "custom"
},
{
"lessThan": "4.4.0.24",
"status": "affected",
"version": "4.4.0",
"versionType": "custom"
},
{
"lessThan": "4.5.0.10",
"status": "affected",
"version": "4.5.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 API Control Plane",
"vendor": "WSO2",
"versions": [
{
"lessThan": "4.5.0.11",
"status": "affected",
"version": "4.5.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Identity Server as Key Manager",
"vendor": "WSO2",
"versions": [
{
"lessThan": "5.10.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "5.10.0.354",
"status": "affected",
"version": "5.10.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Open Banking AM",
"vendor": "WSO2",
"versions": [
{
"lessThan": "2.0.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "2.0.0.382",
"status": "affected",
"version": "2.0.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Open Banking IAM",
"vendor": "WSO2",
"versions": [
{
"lessThan": "2.0.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "2.0.0.403",
"status": "affected",
"version": "2.0.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"packageName": "org.wso2.carbon:org.wso2.carbon.ui",
"product": "org.wso2.carbon:org.wso2.carbon.ui",
"vendor": "WSO2",
"versions": [
{
"lessThan": "4.5.3.40",
"status": "affected",
"version": "4.5.3",
"versionType": "custom"
},
{
"lessThan": "4.6.0.1224",
"status": "affected",
"version": "4.6.0",
"versionType": "custom"
},
{
"lessThan": "4.6.1.150",
"status": "affected",
"version": "4.6.1",
"versionType": "custom"
},
{
"lessThan": "4.6.2.664",
"status": "affected",
"version": "4.6.2",
"versionType": "custom"
},
{
"lessThan": "4.6.3.32",
"status": "affected",
"version": "4.6.3",
"versionType": "custom"
},
{
"lessThan": "4.6.4.8",
"status": "affected",
"version": "4.6.4",
"versionType": "custom"
},
{
"lessThan": "4.7.1.69",
"status": "affected",
"version": "4.7.1",
"versionType": "custom"
},
{
"lessThan": "4.8.1.33",
"status": "affected",
"version": "4.8.1",
"versionType": "custom"
},
{
"lessThan": "4.9.0.100",
"status": "affected",
"version": "4.9.0",
"versionType": "custom"
},
{
"lessThan": "4.9.26.20",
"status": "affected",
"version": "4.9.26",
"versionType": "custom"
},
{
"lessThan": "4.9.27.4",
"status": "affected",
"version": "4.9.27",
"versionType": "custom"
},
{
"lessThan": "4.9.28.4",
"status": "affected",
"version": "4.9.28",
"versionType": "custom"
},
{
"lessThan": "4.10.9.68",
"status": "affected",
"version": "4.10.9",
"versionType": "custom"
},
{
"lessThan": "4.10.42.10",
"status": "affected",
"version": "4.10.42",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.9.*",
"status": "unaffected",
"version": "4.9.29",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "4.10.90",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:wso2_identity_server:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.10.0.361",
"versionStartIncluding": "5.10.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_identity_server:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.11.0.414",
"versionStartIncluding": "5.11.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_identity_server:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.0.0.245",
"versionStartIncluding": "6.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_identity_server:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.1.0.244",
"versionStartIncluding": "6.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_identity_server:*:*:*:*:*:*:*:*",
"versionEndExcluding": "7.0.0.119",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_identity_server:*:*:*:*:*:*:*:*",
"versionEndExcluding": "7.1.0.25",
"versionStartIncluding": "7.1.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:wso2_enterprise_integrator:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.6.0.217",
"versionStartIncluding": "6.6.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:wso2_universal_gateway:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.5.0.10",
"versionStartIncluding": "4.5.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:wso2_traffic_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.5.0.10",
"versionStartIncluding": "4.5.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.1.0.334",
"versionStartIncluding": "3.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.2.0.430",
"versionStartIncluding": "3.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.2.1.48",
"versionStartIncluding": "3.2.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.0.0.346",
"versionStartIncluding": "4.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.1.0.210",
"versionStartIncluding": "4.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.2.0.148",
"versionStartIncluding": "4.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.3.0.61",
"versionStartIncluding": "4.3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.4.0.24",
"versionStartIncluding": "4.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.5.0.10",
"versionStartIncluding": "4.5.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:wso2_api_control_plane:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.5.0.11",
"versionStartIncluding": "4.5.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:wso2_identity_server_as_key_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.10.0.354",
"versionStartIncluding": "5.10.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:wso2_open_banking_am:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.0.0.382",
"versionStartIncluding": "2.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:wso2_open_banking_iam:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.0.0.403",
"versionStartIncluding": "2.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.ui:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.5.3.40",
"versionStartIncluding": "4.5.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.ui:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.6.0.1224",
"versionStartIncluding": "4.6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.ui:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.6.1.150",
"versionStartIncluding": "4.6.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.ui:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.6.2.664",
"versionStartIncluding": "4.6.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.ui:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.6.3.32",
"versionStartIncluding": "4.6.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.ui:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.6.4.8",
"versionStartIncluding": "4.6.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.ui:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.7.1.69",
"versionStartIncluding": "4.7.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.ui:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.8.1.33",
"versionStartIncluding": "4.8.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.ui:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.9.0.100",
"versionStartIncluding": "4.9.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.ui:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.9.26.20",
"versionStartIncluding": "4.9.26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.ui:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.9.27.4",
"versionStartIncluding": "4.9.27",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.ui:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.9.28.4",
"versionStartIncluding": "4.9.28",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.ui:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.10.9.68",
"versionStartIncluding": "4.10.9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.ui:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.10.42.10",
"versionStartIncluding": "4.10.42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.ui:*:*:*:*:*:*:*:*",
"versionEndIncluding": "4.9.*",
"versionStartIncluding": "4.9.29",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.ui:*:*:*:*:*:*:*:*",
"versionEndIncluding": "*",
"versionStartIncluding": "4.10.90",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "No\u00ebl Maccary"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An authentication bypass vulnerability exists in the Management Console of multiple WSO2 products. A malicious actor with access to the console can manipulate the request URI to bypass authentication and access certain restricted resources, resulting in partial information disclosure.\u003cbr\u003e\u003cbr\u003eThe known exposure from this issue is limited to memory statistics. While the vulnerability does not allow full account compromise, it still enables unauthorized access to internal system details.\u003cbr\u003e"
}
],
"value": "An authentication bypass vulnerability exists in the Management Console of multiple WSO2 products. A malicious actor with access to the console can manipulate the request URI to bypass authentication and access certain restricted resources, resulting in partial information disclosure.\n\nThe known exposure from this issue is limited to memory statistics. While the vulnerability does not allow full account compromise, it still enables unauthorized access to internal system details."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-24T10:17:47.415Z",
"orgId": "ed10eef1-636d-4fbe-9993-6890dfa878f8",
"shortName": "WSO2"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-4115/"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: transparent;\"\u003eFollow the instructions given on \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-4115/#solution\"\u003e\u003cspan style=\"background-color: transparent;\"\u003ehttps://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-4115/#solution\u003c/span\u003e\u003c/a\u003e \u003cbr\u003e"
}
],
"value": "Follow the instructions given on https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-4115/#solution https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-4115/#solution"
}
],
"source": {
"advisory": "WSO2-2025-4115",
"discovery": "EXTERNAL"
},
"title": "Authentication Bypass via URI Manipulation in Multiple WSO2 Products\u0027 Management Console Leading to Partial Information Disclosure",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "ed10eef1-636d-4fbe-9993-6890dfa878f8",
"assignerShortName": "WSO2",
"cveId": "CVE-2025-5605",
"datePublished": "2025-10-24T10:09:59.591Z",
"dateReserved": "2025-06-04T10:51:11.459Z",
"dateUpdated": "2025-10-24T11:44:58.987Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-5350 (GCVE-0-2025-5350)
Vulnerability from nvd – Published: 2025-10-24 10:08 – Updated: 2025-10-24 12:16
VLAI?
Summary
SSRF and Reflected XSS Vulnerabilities exist in multiple WSO2 products within the deprecated Try-It feature, which was accessible only to administrative users. This feature accepted user-supplied URLs without proper validation, leading to server-side request forgery (SSRF). Additionally, the retrieved content was directly reflected in the HTTP response, enabling reflected cross-site scripting (XSS) in the admin user's browser context.
By tricking an administrator into accessing a crafted link, an attacker could force the server to fetch malicious content and reflect it into the admin’s browser, leading to arbitrary JavaScript execution for UI manipulation or data exfiltration. While session cookies are protected with the HttpOnly flag, the XSS still poses a significant security risk.
Furthermore, SSRF can be used by a privileged user to query internal services, potentially aiding in internal network enumeration if the target endpoints are reachable from the affected product.
Severity ?
5.9 (Medium)
CWE
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| WSO2 | WSO2 Identity Server |
Unknown:
0 , < 5.10.0
(custom)
Affected: 5.10.0 , < 5.10.0.359 (custom) Affected: 5.11.0 , < 5.11.0.415 (custom) Affected: 6.0.0 , < 6.0.0.246 (custom) Affected: 6.1.0 , < 6.1.0.245 (custom) Affected: 7.0.0 , < 7.0.0.120 (custom) Affected: 7.1.0 , < 7.1.0.27 (custom) |
|||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||
Credits
Noël MACCARY
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-5350",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-24T12:16:39.906160Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-24T12:16:49.892Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "WSO2 Identity Server",
"vendor": "WSO2",
"versions": [
{
"lessThan": "5.10.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "5.10.0.359",
"status": "affected",
"version": "5.10.0",
"versionType": "custom"
},
{
"lessThan": "5.11.0.415",
"status": "affected",
"version": "5.11.0",
"versionType": "custom"
},
{
"lessThan": "6.0.0.246",
"status": "affected",
"version": "6.0.0",
"versionType": "custom"
},
{
"lessThan": "6.1.0.245",
"status": "affected",
"version": "6.1.0",
"versionType": "custom"
},
{
"lessThan": "7.0.0.120",
"status": "affected",
"version": "7.0.0",
"versionType": "custom"
},
{
"lessThan": "7.1.0.27",
"status": "affected",
"version": "7.1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Enterprise Integrator",
"vendor": "WSO2",
"versions": [
{
"lessThan": "6.6.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "6.6.0.218",
"status": "affected",
"version": "6.6.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 API Manager",
"vendor": "WSO2",
"versions": [
{
"lessThan": "3.1.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "3.1.0.332",
"status": "affected",
"version": "3.1.0",
"versionType": "custom"
},
{
"lessThan": "3.2.0.428",
"status": "affected",
"version": "3.2.0",
"versionType": "custom"
},
{
"lessThan": "3.2.1.47",
"status": "affected",
"version": "3.2.1",
"versionType": "custom"
},
{
"lessThan": "4.0.0.369",
"status": "affected",
"version": "4.0.0",
"versionType": "custom"
},
{
"lessThan": "4.1.0.209",
"status": "affected",
"version": "4.1.0",
"versionType": "custom"
},
{
"lessThan": "4.2.0.147",
"status": "affected",
"version": "4.2.0",
"versionType": "custom"
},
{
"lessThan": "4.3.0.60",
"status": "affected",
"version": "4.3.0",
"versionType": "custom"
},
{
"lessThan": "4.4.0.23",
"status": "affected",
"version": "4.4.0",
"versionType": "custom"
},
{
"lessThan": "4.5.0.7",
"status": "affected",
"version": "4.5.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Universal Gateway",
"vendor": "WSO2",
"versions": [
{
"lessThan": "4.5.0.7",
"status": "affected",
"version": "4.5.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Traffic Manager",
"vendor": "WSO2",
"versions": [
{
"lessThan": "4.5.0.7",
"status": "affected",
"version": "4.5.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 API Control Plane",
"vendor": "WSO2",
"versions": [
{
"lessThan": "4.5.0.7",
"status": "affected",
"version": "4.5.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Open Banking AM",
"vendor": "WSO2",
"versions": [
{
"lessThan": "2.0.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "2.0.0.380",
"status": "affected",
"version": "2.0.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Open Banking IAM",
"vendor": "WSO2",
"versions": [
{
"lessThan": "2.0.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "2.0.0.401",
"status": "affected",
"version": "2.0.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Identity Server as Key Manager",
"vendor": "WSO2",
"versions": [
{
"lessThan": "5.10.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "5.10.0.352",
"status": "affected",
"version": "5.10.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"packageName": "org.wso2.carbon:org.wso2.carbon.ui",
"product": "org.wso2.carbon:org.wso2.carbon.ui",
"vendor": "WSO2",
"versions": [
{
"lessThan": "4.5.3.41",
"status": "affected",
"version": "4.5.3",
"versionType": "custom"
},
{
"lessThan": "4.6.0.1087",
"status": "affected",
"version": "4.6.0",
"versionType": "custom"
},
{
"lessThan": "4.6.1.151",
"status": "affected",
"version": "4.6.1",
"versionType": "custom"
},
{
"lessThan": "4.6.2.672",
"status": "affected",
"version": "4.6.2",
"versionType": "custom"
},
{
"lessThan": "4.6.3.30",
"status": "affected",
"version": "4.6.3",
"versionType": "custom"
},
{
"lessThan": "4.6.4.7",
"status": "affected",
"version": "4.6.4",
"versionType": "custom"
},
{
"lessThan": "4.7.1.70",
"status": "affected",
"version": "4.7.1",
"versionType": "custom"
},
{
"lessThan": "4.8.1.32",
"status": "affected",
"version": "4.8.1",
"versionType": "custom"
},
{
"lessThan": "4.9.0.101",
"status": "affected",
"version": "4.9.0",
"versionType": "custom"
},
{
"lessThan": "4.9.26.19",
"status": "affected",
"version": "4.9.26",
"versionType": "custom"
},
{
"lessThan": "4.9.27.3",
"status": "affected",
"version": "4.9.27",
"versionType": "custom"
},
{
"lessThan": "4.9.28.1",
"status": "affected",
"version": "4.9.28",
"versionType": "custom"
},
{
"lessThan": "4.10.9.69",
"status": "affected",
"version": "4.10.9",
"versionType": "custom"
},
{
"lessThan": "4.10.42.11",
"status": "affected",
"version": "4.10.42",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.9.*",
"status": "unaffected",
"version": "4.9.29",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "4.10.93",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "No\u00ebl MACCARY"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "SSRF and Reflected XSS Vulnerabilities exist in multiple WSO2 products within the deprecated Try-It feature, which was accessible only to administrative users. This feature accepted user-supplied URLs without proper validation, leading to server-side request forgery (SSRF). Additionally, the retrieved content was directly reflected in the HTTP response, enabling reflected cross-site scripting (XSS) in the admin user\u0027s browser context.\u003cbr\u003e\u003cbr\u003eBy tricking an administrator into accessing a crafted link, an attacker could force the server to fetch malicious content and reflect it into the admin\u2019s browser, leading to arbitrary JavaScript execution for UI manipulation or data exfiltration. While session cookies are protected with the HttpOnly flag, the XSS still poses a significant security risk.\u003cbr\u003e\u003cbr\u003eFurthermore, SSRF can be used by a privileged user to query internal services, potentially aiding in internal network enumeration if the target endpoints are reachable from the affected product.\u003cbr\u003e"
}
],
"value": "SSRF and Reflected XSS Vulnerabilities exist in multiple WSO2 products within the deprecated Try-It feature, which was accessible only to administrative users. This feature accepted user-supplied URLs without proper validation, leading to server-side request forgery (SSRF). Additionally, the retrieved content was directly reflected in the HTTP response, enabling reflected cross-site scripting (XSS) in the admin user\u0027s browser context.\n\nBy tricking an administrator into accessing a crafted link, an attacker could force the server to fetch malicious content and reflect it into the admin\u2019s browser, leading to arbitrary JavaScript execution for UI manipulation or data exfiltration. While session cookies are protected with the HttpOnly flag, the XSS still poses a significant security risk.\n\nFurthermore, SSRF can be used by a privileged user to query internal services, potentially aiding in internal network enumeration if the target endpoints are reachable from the affected product."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-918",
"description": "CWE-918 Server-Side Request Forgery (SSRF)",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or \u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-24T10:15:53.793Z",
"orgId": "ed10eef1-636d-4fbe-9993-6890dfa878f8",
"shortName": "WSO2"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-4124/"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: transparent;\"\u003eFollow the instructions given on \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-4124/#solution\"\u003e\u003cspan style=\"background-color: transparent;\"\u003ehttps://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-4124/#solution\u003c/span\u003e\u003c/a\u003e \u003cbr\u003e"
}
],
"value": "Follow the instructions given on https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-4124/#solution https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-4124/#solution"
}
],
"source": {
"advisory": "WSO2-2025-4124",
"discovery": "EXTERNAL"
},
"title": "SSRF and Reflected XSS Vulnerability in Deprecated Try-It Feature of Multiple WSO2 Products",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "ed10eef1-636d-4fbe-9993-6890dfa878f8",
"assignerShortName": "WSO2",
"cveId": "CVE-2025-5350",
"datePublished": "2025-10-24T10:08:07.719Z",
"dateReserved": "2025-05-30T06:56:02.711Z",
"dateUpdated": "2025-10-24T12:16:49.892Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-9804 (GCVE-0-2025-9804)
Vulnerability from nvd – Published: 2025-10-16 12:33 – Updated: 2025-10-17 16:01
VLAI?
Summary
An improper access control vulnerability exists in multiple WSO2 products due to insufficient permission enforcement in certain internal SOAP Admin Services and System REST APIs. A low-privileged user may exploit this flaw to perform unauthorized operations, including accessing server-level information.
This vulnerability affects only internal administrative interfaces. APIs exposed through the WSO2 API Manager's API Gateway remain unaffected.
Severity ?
9.6 (Critical)
8.9 (High)
CWE
- CWE-284 - Improper Access Control
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| WSO2 | WSO2 Identity Server as Key Manager |
Unknown:
0 , < 5.3.0
(custom)
Affected: 5.3.0 , < 5.3.0.41 (custom) Affected: 5.5.0 , < 5.5.0.53 (custom) Affected: 5.6.0 , < 5.6.0.75 (custom) Affected: 5.7.0 , < 5.7.0.125 (custom) Affected: 5.9.0 , < 5.9.0.176 (custom) Affected: 5.10.0 , < 5.10.0.359 (custom) |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Credits
crnković
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-9804",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-16T13:20:20.582589Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "CWE-284 Improper Access Control",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-17T16:01:25.350Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "WSO2 Identity Server as Key Manager",
"vendor": "WSO2",
"versions": [
{
"lessThan": "5.3.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "5.3.0.41",
"status": "affected",
"version": "5.3.0",
"versionType": "custom"
},
{
"lessThan": "5.5.0.53",
"status": "affected",
"version": "5.5.0",
"versionType": "custom"
},
{
"lessThan": "5.6.0.75",
"status": "affected",
"version": "5.6.0",
"versionType": "custom"
},
{
"lessThan": "5.7.0.125",
"status": "affected",
"version": "5.7.0",
"versionType": "custom"
},
{
"lessThan": "5.9.0.176",
"status": "affected",
"version": "5.9.0",
"versionType": "custom"
},
{
"lessThan": "5.10.0.359",
"status": "affected",
"version": "5.10.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Identity Server",
"vendor": "WSO2",
"versions": [
{
"lessThan": "5.2.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "5.2.0.34",
"status": "affected",
"version": "5.2.0",
"versionType": "custom"
},
{
"lessThan": "5.3.0.36",
"status": "affected",
"version": "5.3.0",
"versionType": "custom"
},
{
"lessThan": "5.4.0.34",
"status": "affected",
"version": "5.4.0",
"versionType": "custom"
},
{
"lessThan": "5.4.1.38",
"status": "affected",
"version": "5.4.1",
"versionType": "custom"
},
{
"lessThan": "5.5.0.52",
"status": "affected",
"version": "5.5.0",
"versionType": "custom"
},
{
"lessThan": "5.6.0.60",
"status": "affected",
"version": "5.6.0",
"versionType": "custom"
},
{
"lessThan": "5.7.0.126",
"status": "affected",
"version": "5.7.0",
"versionType": "custom"
},
{
"lessThan": "5.8.0.110",
"status": "affected",
"version": "5.8.0",
"versionType": "custom"
},
{
"lessThan": "5.9.0.169",
"status": "affected",
"version": "5.9.0",
"versionType": "custom"
},
{
"lessThan": "5.10.0.369",
"status": "affected",
"version": "5.10.0",
"versionType": "custom"
},
{
"lessThan": "5.11.0.413",
"status": "affected",
"version": "5.11.0",
"versionType": "custom"
},
{
"lessThan": "6.0.0.244",
"status": "affected",
"version": "6.0.0",
"versionType": "custom"
},
{
"lessThan": "6.1.0.243",
"status": "affected",
"version": "6.1.0",
"versionType": "custom"
},
{
"lessThan": "7.0.0.118",
"status": "affected",
"version": "7.0.0",
"versionType": "custom"
},
{
"lessThan": "7.1.0.25",
"status": "affected",
"version": "7.1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Open Banking KM",
"vendor": "WSO2",
"versions": [
{
"lessThan": "1.4.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "1.4.0.133",
"status": "affected",
"version": "1.4.0",
"versionType": "custom"
},
{
"lessThan": "1.5.0.123",
"status": "affected",
"version": "1.5.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Open Banking IAM",
"vendor": "WSO2",
"versions": [
{
"lessThan": "2.0.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "2.0.0.409",
"status": "affected",
"version": "2.0.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Open Banking AM",
"vendor": "WSO2",
"versions": [
{
"lessThan": "1.4.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "1.4.0.139",
"status": "affected",
"version": "1.4.0",
"versionType": "custom"
},
{
"lessThan": "1.5.0.140",
"status": "affected",
"version": "1.5.0",
"versionType": "custom"
},
{
"lessThan": "2.0.0.389",
"status": "affected",
"version": "2.0.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 API Manager",
"vendor": "WSO2",
"versions": [
{
"lessThan": "2.0.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "2.0.0.31",
"status": "affected",
"version": "2.0.0",
"versionType": "custom"
},
{
"lessThan": "2.1.0.40",
"status": "affected",
"version": "2.1.0",
"versionType": "custom"
},
{
"lessThan": "2.2.0.59",
"status": "affected",
"version": "2.2.0",
"versionType": "custom"
},
{
"lessThan": "2.5.0.85",
"status": "affected",
"version": "2.5.0",
"versionType": "custom"
},
{
"lessThan": "2.6.0.146",
"status": "affected",
"version": "2.6.0",
"versionType": "custom"
},
{
"lessThan": "3.0.0.176",
"status": "affected",
"version": "3.0.0",
"versionType": "custom"
},
{
"lessThan": "3.1.0.340",
"status": "affected",
"version": "3.1.0",
"versionType": "custom"
},
{
"lessThan": "3.2.0.441",
"status": "affected",
"version": "3.2.0",
"versionType": "custom"
},
{
"lessThan": "3.2.1.61",
"status": "affected",
"version": "3.2.1",
"versionType": "custom"
},
{
"lessThan": "4.0.0.361",
"status": "affected",
"version": "4.0.0",
"versionType": "custom"
},
{
"lessThan": "4.1.0.224",
"status": "affected",
"version": "4.1.0",
"versionType": "custom"
},
{
"lessThan": "4.2.0.162",
"status": "affected",
"version": "4.2.0",
"versionType": "custom"
},
{
"lessThan": "4.3.0.75",
"status": "affected",
"version": "4.3.0",
"versionType": "custom"
},
{
"lessThan": "4.4.0.39",
"status": "affected",
"version": "4.4.0",
"versionType": "custom"
},
{
"lessThan": "4.5.0.23",
"status": "affected",
"version": "4.5.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Identity Server Analytics",
"vendor": "WSO2",
"versions": [
{
"lessThan": "5.2.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "5.2.0.19",
"status": "affected",
"version": "5.2.0",
"versionType": "custom"
},
{
"lessThan": "5.3.0.17",
"status": "affected",
"version": "5.3.0",
"versionType": "custom"
},
{
"lessThan": "5.5.0.31",
"status": "affected",
"version": "5.5.0",
"versionType": "custom"
},
{
"lessThan": "5.6.0.38",
"status": "affected",
"version": "5.6.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "API Manager Analytics",
"vendor": "WSO2",
"versions": [
{
"lessThan": "2.0.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "2.0.0.14",
"status": "affected",
"version": "2.0.0",
"versionType": "custom"
},
{
"lessThan": "2.1.0.19",
"status": "affected",
"version": "2.1.0",
"versionType": "custom"
},
{
"lessThan": "2.2.0.30",
"status": "affected",
"version": "2.2.0",
"versionType": "custom"
},
{
"lessThan": "2.5.0.39",
"status": "affected",
"version": "2.5.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Enterprise Integrator",
"vendor": "WSO2",
"versions": [
{
"lessThan": "6.2.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "6.2.0.62",
"status": "affected",
"version": "6.2.0",
"versionType": "custom"
},
{
"lessThan": "6.3.0.70",
"status": "affected",
"version": "6.3.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Enterprise Service Bus Analytics",
"vendor": "WSO2",
"versions": [
{
"lessThan": "5.0.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "5.0.0.13",
"status": "affected",
"version": "5.0.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Data Analytics Server",
"vendor": "WSO2",
"versions": [
{
"lessThan": "3.1.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "3.1.0.20",
"status": "affected",
"version": "3.1.0",
"versionType": "custom"
},
{
"lessThan": "3.2.0.33",
"status": "affected",
"version": "3.2.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Enterprise Mobility Manager",
"vendor": "WSO2",
"versions": [
{
"lessThan": "2.2.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "2.2.0.28",
"status": "affected",
"version": "2.2.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Universal Gateway",
"vendor": "WSO2",
"versions": [
{
"lessThan": "4.5.0.22",
"status": "affected",
"version": "4.5.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 API Control Plane",
"vendor": "WSO2",
"versions": [
{
"lessThan": "4.5.0.24",
"status": "affected",
"version": "4.5.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Traffic Manager",
"vendor": "WSO2",
"versions": [
{
"lessThan": "4.5.0.22",
"status": "affected",
"version": "4.5.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"packageName": "org.wso2.carbon.extension.identity.authenticator.outbound.totp:org.wso2.carbon.extension.identity.authenticator.totp.connector",
"product": "org.wso2.carbon.extension.identity.authenticator.outbound.totp:org.wso2.carbon.extension.identity.authenticator.totp.connector",
"vendor": "WSO2",
"versions": [
{
"lessThan": "2.0.10.1",
"status": "affected",
"version": "2.0.10",
"versionType": "custom"
},
{
"lessThan": "2.0.15.1",
"status": "affected",
"version": "2.0.15",
"versionType": "custom"
},
{
"lessThan": "2.0.21.1",
"status": "affected",
"version": "2.0.21",
"versionType": "custom"
},
{
"lessThan": "2.0.22.1",
"status": "affected",
"version": "2.0.22",
"versionType": "custom"
},
{
"lessThan": "2.1.12.1",
"status": "affected",
"version": "2.1.12",
"versionType": "custom"
},
{
"lessThan": "2.1.1972",
"status": "affected",
"version": "2.1",
"versionType": "custom"
},
{
"lessThan": "2.2.24",
"status": "affected",
"version": "2.2",
"versionType": "custom"
},
{
"lessThan": "2.2.25",
"status": "affected",
"version": "2.2",
"versionType": "custom"
},
{
"lessThan": "3.1.0.74",
"status": "affected",
"version": "3.1.0",
"versionType": "custom"
},
{
"lessThan": "3.3.6.7",
"status": "affected",
"version": "3.3.6",
"versionType": "custom"
},
{
"lessThan": "3.3.26.2",
"status": "affected",
"version": "3.3.26",
"versionType": "custom"
},
{
"lessThan": "3.3.35.1",
"status": "affected",
"version": "3.3.35",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "3.3.41",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"packageName": "org.wso2.carbon.apimgt:org.wso2.carbon.apimgt.rest.api.util",
"product": "org.wso2.carbon.apimgt:org.wso2.carbon.apimgt.rest.api.util",
"vendor": "WSO2",
"versions": [
{
"lessThan": "6.7.206.567",
"status": "affected",
"version": "6.7.206",
"versionType": "custom"
},
{
"lessThan": "6.7.210.63",
"status": "affected",
"version": "6.7.210",
"versionType": "custom"
},
{
"lessThan": "9.0.174.522",
"status": "affected",
"version": "9.0.174",
"versionType": "custom"
},
{
"lessThan": "9.20.74.379",
"status": "affected",
"version": "9.20.74",
"versionType": "custom"
},
{
"lessThan": "9.28.116.360",
"status": "affected",
"version": "9.28.116",
"versionType": "custom"
},
{
"lessThan": "9.29.120.184",
"status": "affected",
"version": "9.29.120",
"versionType": "custom"
},
{
"lessThan": "9.30.67.109",
"status": "affected",
"version": "9.30.67",
"versionType": "custom"
},
{
"lessThan": "9.31.86.71",
"status": "affected",
"version": "9.31.86",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "9.32.133",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"packageName": "org.wso2.carbon:org.wso2.carbon.base",
"product": "org.wso2.carbon:org.wso2.carbon.base",
"vendor": "WSO2",
"versions": [
{
"lessThan": "4.4.7.6",
"status": "affected",
"version": "4.4.7",
"versionType": "custom"
},
{
"lessThan": "4.4.9.11",
"status": "affected",
"version": "4.4.9",
"versionType": "custom"
},
{
"lessThan": "4.4.11.9",
"status": "affected",
"version": "4.4.11",
"versionType": "custom"
},
{
"lessThan": "4.4.26.12",
"status": "affected",
"version": "4.4.26",
"versionType": "custom"
},
{
"lessThan": "4.4.35.44",
"status": "affected",
"version": "4.4.35",
"versionType": "custom"
},
{
"lessThan": "4.5.1.43",
"status": "affected",
"version": "4.5.1",
"versionType": "custom"
},
{
"lessThan": "4.6.0.1990",
"status": "affected",
"version": "4.6.0",
"versionType": "custom"
},
{
"lessThan": "4.6.1.149",
"status": "affected",
"version": "4.6.1",
"versionType": "custom"
},
{
"lessThan": "4.6.2.667",
"status": "affected",
"version": "4.6.2",
"versionType": "custom"
},
{
"lessThan": "4.6.3.36",
"status": "affected",
"version": "4.6.3",
"versionType": "custom"
},
{
"lessThan": "4.6.4.14",
"status": "affected",
"version": "4.6.4",
"versionType": "custom"
},
{
"lessThan": "4.7.1.68",
"status": "affected",
"version": "4.7.1",
"versionType": "custom"
},
{
"lessThan": "4.8.1.39",
"status": "affected",
"version": "4.8.1",
"versionType": "custom"
},
{
"lessThan": "4.9.0.99",
"status": "affected",
"version": "4.9.0",
"versionType": "custom"
},
{
"lessThan": "4.9.26.25",
"status": "affected",
"version": "4.9.26",
"versionType": "custom"
},
{
"lessThan": "4.9.27.10",
"status": "affected",
"version": "4.9.27",
"versionType": "custom"
},
{
"lessThan": "4.9.28.11",
"status": "affected",
"version": "4.9.28",
"versionType": "custom"
},
{
"lessThan": "4.10.9.66",
"status": "affected",
"version": "4.10.9",
"versionType": "custom"
},
{
"lessThan": "4.10.42.9",
"status": "affected",
"version": "4.10.42",
"versionType": "custom"
},
{
"lessThan": "4.9.29",
"status": "affected",
"version": "4.9",
"versionType": "custom"
},
{
"lessThan": "4.10.94",
"status": "affected",
"version": "4.10",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"packageName": "org.wso2.carbon.identity.framework:org.wso2.carbon.identity.application.mgt",
"product": "org.wso2.carbon.identity.framework:org.wso2.carbon.identity.application.mgt",
"vendor": "WSO2",
"versions": [
{
"lessThan": "5.2.0.4",
"status": "affected",
"version": "5.2.0",
"versionType": "custom"
},
{
"lessThan": "5.2.2.21",
"status": "affected",
"version": "5.2.2",
"versionType": "custom"
},
{
"lessThan": "5.7.5.18",
"status": "affected",
"version": "5.7.5",
"versionType": "custom"
},
{
"lessThan": "5.11.148.19",
"status": "affected",
"version": "5.11.148",
"versionType": "custom"
},
{
"lessThan": "5.11.256.21",
"status": "affected",
"version": "5.11.256",
"versionType": "custom"
},
{
"lessThan": "5.12.153.63",
"status": "affected",
"version": "5.12.153",
"versionType": "custom"
},
{
"lessThan": "5.12.387.46",
"status": "affected",
"version": "5.12.387",
"versionType": "custom"
},
{
"lessThan": "5.14.97.89",
"status": "affected",
"version": "5.14.97",
"versionType": "custom"
},
{
"lessThan": "5.17.5.317",
"status": "affected",
"version": "5.17.5",
"versionType": "custom"
},
{
"lessThan": "5.17.118.17",
"status": "affected",
"version": "5.17.118",
"versionType": "custom"
},
{
"lessThan": "5.18.187.309",
"status": "affected",
"version": "5.18.187",
"versionType": "custom"
},
{
"lessThan": "5.18.248.30",
"status": "affected",
"version": "5.18.248",
"versionType": "custom"
},
{
"lessThan": "5.23.8.207",
"status": "affected",
"version": "5.23.8",
"versionType": "custom"
},
{
"lessThan": "5.24.8.23",
"status": "affected",
"version": "5.24.8",
"versionType": "custom"
},
{
"lessThan": "5.25.92.152",
"status": "affected",
"version": "5.25.92",
"versionType": "custom"
},
{
"lessThan": "5.25.705.19",
"status": "affected",
"version": "5.25.705",
"versionType": "custom"
},
{
"lessThan": "5.25.713.9",
"status": "affected",
"version": "5.25.713",
"versionType": "custom"
},
{
"lessThan": "5.25.724.3",
"status": "affected",
"version": "5.25.724",
"versionType": "custom"
},
{
"lessThan": "7.0.78.133",
"status": "affected",
"version": "7.0.78",
"versionType": "custom"
},
{
"lessThan": "7.8.23.47",
"status": "affected",
"version": "7.8.23",
"versionType": "custom"
},
{
"lessThan": "5.25.734",
"status": "affected",
"version": "5.25",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "7.8.489",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"packageName": "org.wso2.carbon:org.wso2.carbon.server.admin",
"product": "org.wso2.carbon:org.wso2.carbon.server.admin",
"vendor": "WSO2",
"versions": [
{
"lessThan": "4.4.7.6",
"status": "affected",
"version": "4.4.7",
"versionType": "custom"
},
{
"lessThan": "4.4.9.11",
"status": "affected",
"version": "4.4.9",
"versionType": "custom"
},
{
"lessThan": "4.4.11.9",
"status": "affected",
"version": "4.4.11",
"versionType": "custom"
},
{
"lessThan": "4.4.26.12",
"status": "affected",
"version": "4.4.26",
"versionType": "custom"
},
{
"lessThan": "4.4.32.16",
"status": "affected",
"version": "4.4.32",
"versionType": "custom"
},
{
"lessThan": "4.4.35.44",
"status": "affected",
"version": "4.4.35",
"versionType": "custom"
},
{
"lessThan": "4.5.1.43",
"status": "affected",
"version": "4.5.1",
"versionType": "custom"
},
{
"lessThan": "4.6.0.1990",
"status": "affected",
"version": "4.6.0",
"versionType": "custom"
},
{
"lessThan": "4.6.1.149",
"status": "affected",
"version": "4.6.1",
"versionType": "custom"
},
{
"lessThan": "4.6.2.667",
"status": "affected",
"version": "4.6.2",
"versionType": "custom"
},
{
"lessThan": "4.6.3.36",
"status": "affected",
"version": "4.6.3",
"versionType": "custom"
},
{
"lessThan": "4.6.4.14",
"status": "affected",
"version": "4.6.4",
"versionType": "custom"
},
{
"lessThan": "4.7.1.68",
"status": "affected",
"version": "4.7.1",
"versionType": "custom"
},
{
"lessThan": "4.8.1.39",
"status": "affected",
"version": "4.8.1",
"versionType": "custom"
},
{
"lessThan": "4.9.0.99",
"status": "affected",
"version": "4.9.0",
"versionType": "custom"
},
{
"lessThan": "4.9.26.25",
"status": "affected",
"version": "4.9.26",
"versionType": "custom"
},
{
"lessThan": "4.9.27.10",
"status": "affected",
"version": "4.9.27",
"versionType": "custom"
},
{
"lessThan": "4.9.28.11",
"status": "affected",
"version": "4.9.28",
"versionType": "custom"
},
{
"lessThan": "4.10.9.66",
"status": "affected",
"version": "4.10.9",
"versionType": "custom"
},
{
"lessThan": "4.10.42.9",
"status": "affected",
"version": "4.10.42",
"versionType": "custom"
},
{
"lessThan": "4.9.29",
"status": "affected",
"version": "4.9",
"versionType": "custom"
},
{
"lessThan": "4.10.94",
"status": "affected",
"version": "4.10",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"packageName": "org.wso2.carbon.identity.workflow.user:org.wso2.carbon.user.mgt.workflow",
"product": "org.wso2.carbon.identity.workflow.user:org.wso2.carbon.user.mgt.workflow",
"vendor": "WSO2",
"versions": [
{
"lessThan": "5.1.1.1",
"status": "affected",
"version": "5.1.1",
"versionType": "custom"
},
{
"lessThan": "5.1.2.1",
"status": "affected",
"version": "5.1.2",
"versionType": "custom"
},
{
"lessThan": "5.1.5.1",
"status": "affected",
"version": "5.1.5",
"versionType": "custom"
},
{
"lessThan": "5.3.3.1",
"status": "affected",
"version": "5.3.3",
"versionType": "custom"
},
{
"lessThan": "5.4.0.4",
"status": "affected",
"version": "5.4.0",
"versionType": "custom"
},
{
"lessThan": "5.4.1.5",
"status": "affected",
"version": "5.4.1",
"versionType": "custom"
},
{
"lessThan": "5.6.0.1",
"status": "affected",
"version": "5.6.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "5.6.21",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "crnkovi\u0107"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An improper access control vulnerability exists in multiple WSO2 products due to insufficient permission enforcement in certain internal SOAP Admin Services and System REST APIs. A low-privileged user may exploit this flaw to perform unauthorized operations, including accessing server-level information.\u003cbr\u003e\u003cbr\u003eThis vulnerability affects only internal administrative interfaces. APIs exposed through the WSO2 API Manager\u0027s API Gateway remain unaffected.\u003cbr\u003e"
}
],
"value": "An improper access control vulnerability exists in multiple WSO2 products due to insufficient permission enforcement in certain internal SOAP Admin Services and System REST APIs. A low-privileged user may exploit this flaw to perform unauthorized operations, including accessing server-level information.\n\nThis vulnerability affects only internal administrative interfaces. APIs exposed through the WSO2 API Manager\u0027s API Gateway remain unaffected."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.6,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "For WSO2 API Manager"
}
]
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "LOW",
"baseScore": 8.9,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "For WSO2 Identity Server"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-16T12:33:45.426Z",
"orgId": "ed10eef1-636d-4fbe-9993-6890dfa878f8",
"shortName": "WSO2"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-4503/"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: transparent;\"\u003eFollow the instructions given on \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-4503/#solution\"\u003e\u003cspan style=\"background-color: transparent;\"\u003ehttps://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-4503/#solution\u003c/span\u003e\u003c/a\u003e \u003cbr\u003e"
}
],
"value": "Follow the instructions given on https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-4503/#solution https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-4503/#solution"
}
],
"source": {
"advisory": "WSO2-2025-4503",
"discovery": "EXTERNAL"
},
"title": "Improper Access Control in Multiple WSO2 Products via Internal SOAP Admin Services and System REST APIs",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "ed10eef1-636d-4fbe-9993-6890dfa878f8",
"assignerShortName": "WSO2",
"cveId": "CVE-2025-9804",
"datePublished": "2025-10-16T12:33:45.426Z",
"dateReserved": "2025-09-01T13:11:12.678Z",
"dateUpdated": "2025-10-17T16:01:25.350Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-10611 (GCVE-0-2025-10611)
Vulnerability from nvd – Published: 2025-10-16 12:09 – Updated: 2025-10-16 13:34
VLAI?
Summary
Due to an insufficient access control implementation in multiple WSO2 Products, authentication and authorization checks for certain REST APIs can be bypassed, allowing them to be invoked without proper validation.
Successful exploitation of this vulnerability could lead to a malicious actor gaining administrative access and performing unauthenticated and unauthorized administrative operations.
Severity ?
9.8 (Critical)
CWE
- CWE-863 - Incorrect Authorization
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| WSO2 | WSO2 API Manager |
Unknown:
0 , < 2.1.0
(custom)
Affected: 2.1.0 , < 2.1.0.42 (custom) Affected: 2.2.0 , < 2.2.0.61 (custom) Affected: 2.5.0 , < 2.5.0.87 (custom) Affected: 2.6.0 , < 2.6.0.148 (custom) Affected: 3.0.0 , < 3.0.0.178 (custom) Affected: 3.1.0 , < 3.1.0.345 (custom) Affected: 3.2.0 , < 3.2.0.446 (custom) Affected: 3.2.1 , < 3.2.1.66 (custom) Affected: 4.0.0 , < 4.0.0.366 (custom) Affected: 4.1.0 , < 4.1.0.228 (custom) Affected: 4.2.0 , < 4.2.0.169 (custom) Affected: 4.3.0 , < 4.3.0.81 (custom) Affected: 4.4.0 , < 4.4.0.45 (custom) Affected: 4.5.0 , < 4.5.0.28 (custom) |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-10611",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-16T13:24:33.931504Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-863",
"description": "CWE-863 Incorrect Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-16T13:34:31.799Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "WSO2 API Manager",
"vendor": "WSO2",
"versions": [
{
"lessThan": "2.1.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "2.1.0.42",
"status": "affected",
"version": "2.1.0",
"versionType": "custom"
},
{
"lessThan": "2.2.0.61",
"status": "affected",
"version": "2.2.0",
"versionType": "custom"
},
{
"lessThan": "2.5.0.87",
"status": "affected",
"version": "2.5.0",
"versionType": "custom"
},
{
"lessThan": "2.6.0.148",
"status": "affected",
"version": "2.6.0",
"versionType": "custom"
},
{
"lessThan": "3.0.0.178",
"status": "affected",
"version": "3.0.0",
"versionType": "custom"
},
{
"lessThan": "3.1.0.345",
"status": "affected",
"version": "3.1.0",
"versionType": "custom"
},
{
"lessThan": "3.2.0.446",
"status": "affected",
"version": "3.2.0",
"versionType": "custom"
},
{
"lessThan": "3.2.1.66",
"status": "affected",
"version": "3.2.1",
"versionType": "custom"
},
{
"lessThan": "4.0.0.366",
"status": "affected",
"version": "4.0.0",
"versionType": "custom"
},
{
"lessThan": "4.1.0.228",
"status": "affected",
"version": "4.1.0",
"versionType": "custom"
},
{
"lessThan": "4.2.0.169",
"status": "affected",
"version": "4.2.0",
"versionType": "custom"
},
{
"lessThan": "4.3.0.81",
"status": "affected",
"version": "4.3.0",
"versionType": "custom"
},
{
"lessThan": "4.4.0.45",
"status": "affected",
"version": "4.4.0",
"versionType": "custom"
},
{
"lessThan": "4.5.0.28",
"status": "affected",
"version": "4.5.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 API Control Plane",
"vendor": "WSO2",
"versions": [
{
"lessThan": "4.5.0.29",
"status": "affected",
"version": "4.5.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Open Banking AM",
"vendor": "WSO2",
"versions": [
{
"lessThan": "1.4.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "1.4.0.141",
"status": "affected",
"version": "1.4.0",
"versionType": "custom"
},
{
"lessThan": "1.5.0.142",
"status": "affected",
"version": "1.5.0",
"versionType": "custom"
},
{
"lessThan": "2.0.0.394",
"status": "affected",
"version": "2.0.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Open Banking IAM",
"vendor": "WSO2",
"versions": [
{
"lessThan": "2.0.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "2.0.0.414",
"status": "affected",
"version": "2.0.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Identity Server",
"vendor": "WSO2",
"versions": [
{
"lessThan": "5.3.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "5.3.0.39",
"status": "affected",
"version": "5.3.0",
"versionType": "custom"
},
{
"lessThan": "5.5.0.54",
"status": "affected",
"version": "5.5.0",
"versionType": "custom"
},
{
"lessThan": "5.6.0.62",
"status": "affected",
"version": "5.6.0",
"versionType": "custom"
},
{
"lessThan": "5.7.0.128",
"status": "affected",
"version": "5.7.0",
"versionType": "custom"
},
{
"lessThan": "5.8.0.112",
"status": "affected",
"version": "5.8.0",
"versionType": "custom"
},
{
"lessThan": "5.9.0.171",
"status": "affected",
"version": "5.9.0",
"versionType": "custom"
},
{
"lessThan": "5.10.0.375",
"status": "affected",
"version": "5.10.0",
"versionType": "custom"
},
{
"lessThan": "5.11.0.419",
"status": "affected",
"version": "5.11.0",
"versionType": "custom"
},
{
"lessThan": "6.0.0.248",
"status": "affected",
"version": "6.0.0",
"versionType": "custom"
},
{
"lessThan": "6.1.0.248",
"status": "affected",
"version": "6.1.0",
"versionType": "custom"
},
{
"lessThan": "7.0.0.124",
"status": "affected",
"version": "7.0.0",
"versionType": "custom"
},
{
"lessThan": "7.1.0.31",
"status": "affected",
"version": "7.1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Identity Server as Key Manager",
"vendor": "WSO2",
"versions": [
{
"lessThan": "5.3.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "5.3.0.44",
"status": "affected",
"version": "5.3.0",
"versionType": "custom"
},
{
"lessThan": "5.5.0.55",
"status": "affected",
"version": "5.5.0",
"versionType": "custom"
},
{
"lessThan": "5.6.0.77",
"status": "affected",
"version": "5.6.0",
"versionType": "custom"
},
{
"lessThan": "5.7.0.127",
"status": "affected",
"version": "5.7.0",
"versionType": "custom"
},
{
"lessThan": "5.9.0.178",
"status": "affected",
"version": "5.9.0",
"versionType": "custom"
},
{
"lessThan": "5.10.0.365",
"status": "affected",
"version": "5.10.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Open Banking KM",
"vendor": "WSO2",
"versions": [
{
"lessThan": "1.4.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "1.4.0.135",
"status": "affected",
"version": "1.4.0",
"versionType": "custom"
},
{
"lessThan": "1.5.0.125",
"status": "affected",
"version": "1.5.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Universal Gateway",
"vendor": "WSO2",
"versions": [
{
"lessThan": "4.5.0.27",
"status": "affected",
"version": "4.5.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Traffic Manager",
"vendor": "WSO2",
"versions": [
{
"lessThan": "4.5.0.27",
"status": "affected",
"version": "4.5.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"packageName": "org.wso2.carbon.identity.auth.rest:org.wso2.carbon.identity.auth.service",
"product": "org.wso2.carbon.identity.auth.rest:org.wso2.carbon.identity.auth.service",
"vendor": "WSO2",
"versions": [
{
"lessThan": "1.1.1.7",
"status": "affected",
"version": "1.1.1",
"versionType": "custom"
},
{
"lessThan": "1.1.16.6",
"status": "affected",
"version": "1.1.16",
"versionType": "custom"
},
{
"lessThan": "1.1.18.7",
"status": "affected",
"version": "1.1.18",
"versionType": "custom"
},
{
"lessThan": "1.1.20.9",
"status": "affected",
"version": "1.1.20",
"versionType": "custom"
},
{
"lessThan": "1.1.26.11",
"status": "affected",
"version": "1.1.26",
"versionType": "custom"
},
{
"lessThan": "1.3.6.11",
"status": "affected",
"version": "1.3.6",
"versionType": "custom"
},
{
"lessThan": "1.4.0.21",
"status": "affected",
"version": "1.4.0",
"versionType": "custom"
},
{
"lessThan": "1.4.25.27",
"status": "affected",
"version": "1.4.25",
"versionType": "custom"
},
{
"lessThan": "1.4.52.6",
"status": "affected",
"version": "1.4.52",
"versionType": "custom"
},
{
"lessThan": "1.6.1.12",
"status": "affected",
"version": "1.6.1",
"versionType": "custom"
},
{
"lessThan": "1.7.1.7",
"status": "affected",
"version": "1.7.1",
"versionType": "custom"
},
{
"lessThan": "1.8.11.8",
"status": "affected",
"version": "1.8.11",
"versionType": "custom"
},
{
"lessThan": "1.8.41.4",
"status": "affected",
"version": "1.8.41",
"versionType": "custom"
},
{
"lessThan": "1.9.4.9",
"status": "affected",
"version": "1.9.4",
"versionType": "custom"
},
{
"lessThan": "1.9.18.7",
"status": "affected",
"version": "1.9.18",
"versionType": "custom"
},
{
"lessThan": "1.8.48",
"status": "affected",
"version": "1.8",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "1.9.46",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"packageName": "org.wso2.carbon.identity.auth.rest:org.wso2.carbon.identity.auth.valve",
"product": "org.wso2.carbon.identity.auth.rest:org.wso2.carbon.identity.auth.valve",
"vendor": "WSO2",
"versions": [
{
"lessThan": "1.1.1.7",
"status": "affected",
"version": "1.1.1",
"versionType": "custom"
},
{
"lessThan": "1.1.16.6",
"status": "affected",
"version": "1.1.16",
"versionType": "custom"
},
{
"lessThan": "1.1.18.7",
"status": "affected",
"version": "1.1.18",
"versionType": "custom"
},
{
"lessThan": "1.1.20.9",
"status": "affected",
"version": "1.1.20",
"versionType": "custom"
},
{
"lessThan": "1.1.26.11",
"status": "affected",
"version": "1.1.26",
"versionType": "custom"
},
{
"lessThan": "1.3.6.11",
"status": "affected",
"version": "1.3.6",
"versionType": "custom"
},
{
"lessThan": "1.4.0.21",
"status": "affected",
"version": "1.4.0",
"versionType": "custom"
},
{
"lessThan": "1.4.25.27",
"status": "affected",
"version": "1.4.25",
"versionType": "custom"
},
{
"lessThan": "1.4.52.6",
"status": "affected",
"version": "1.4.52",
"versionType": "custom"
},
{
"lessThan": "1.6.1.12",
"status": "affected",
"version": "1.6.1",
"versionType": "custom"
},
{
"lessThan": "1.7.1.7",
"status": "affected",
"version": "1.7.1",
"versionType": "custom"
},
{
"lessThan": "1.8.11.8",
"status": "affected",
"version": "1.8.11",
"versionType": "custom"
},
{
"lessThan": "1.8.41.4",
"status": "affected",
"version": "1.8.41",
"versionType": "custom"
},
{
"lessThan": "1.9.4.9",
"status": "affected",
"version": "1.9.4",
"versionType": "custom"
},
{
"lessThan": "1.9.18.7",
"status": "affected",
"version": "1.9.18",
"versionType": "custom"
},
{
"lessThan": "1.8.48",
"status": "affected",
"version": "1.8",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "1.9.46",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Due to an insufficient access control implementation in multiple WSO2 Products, authentication and authorization checks for certain REST APIs can be bypassed, allowing them to be invoked without proper validation.\u003cbr\u003e\u003cbr\u003eSuccessful exploitation of this vulnerability could lead to a malicious actor gaining administrative access and performing unauthenticated and unauthorized administrative operations.\u003cbr\u003e"
}
],
"value": "Due to an insufficient access control implementation in multiple WSO2 Products, authentication and authorization checks for certain REST APIs can be bypassed, allowing them to be invoked without proper validation.\n\nSuccessful exploitation of this vulnerability could lead to a malicious actor gaining administrative access and performing unauthenticated and unauthorized administrative operations."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-16T12:09:31.802Z",
"orgId": "ed10eef1-636d-4fbe-9993-6890dfa878f8",
"shortName": "WSO2"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-4585/"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: transparent;\"\u003eFollow the instructions given on \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-4585/#solution\"\u003e\u003cspan style=\"background-color: transparent;\"\u003ehttps://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-4585/#solution\u003c/span\u003e\u003c/a\u003e \u003cbr\u003e"
}
],
"value": "Follow the instructions given on https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-4585/#solution https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-4585/#solution"
}
],
"source": {
"advisory": "WSO2-2025-4585",
"discovery": "INTERNAL"
},
"title": "Potential Broken Access Control in Multiple WSO2 Products via System REST APIs",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "ed10eef1-636d-4fbe-9993-6890dfa878f8",
"assignerShortName": "WSO2",
"cveId": "CVE-2025-10611",
"datePublished": "2025-10-16T12:09:31.802Z",
"dateReserved": "2025-09-17T08:56:27.794Z",
"dateUpdated": "2025-10-16T13:34:31.799Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-1862 (GCVE-0-2025-1862)
Vulnerability from nvd – Published: 2025-09-26 08:18 – Updated: 2025-09-29 12:38
VLAI?
Summary
An arbitrary file upload vulnerability exists in multiple WSO2 products due to improper validation of user-supplied filenames in the BPEL uploader SOAP service endpoint. A malicious actor with administrative privileges can upload arbitrary files to a user-controlled location on the server.
By leveraging this vulnerability, an attacker can upload a specially crafted payload and achieve remote code execution (RCE), potentially compromising the server and its data.
Severity ?
6.7 (Medium)
CWE
- CWE-434 - Unrestricted Upload of File with Dangerous Type
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | |||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| WSO2 | WSO2 Enterprise Integrator |
Affected:
6.6.0 , < 6.6.0.215
(custom)
|
|||||||||||||||||
|
|||||||||||||||||||
Credits
Luk Luk
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-1862",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-27T03:55:27.361521Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-29T12:38:07.003Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "WSO2 Enterprise Integrator",
"vendor": "WSO2",
"versions": [
{
"lessThan": "6.6.0.215",
"status": "affected",
"version": "6.6.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Identity Server",
"vendor": "WSO2",
"versions": [
{
"lessThan": "5.10.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "5.10.0.347",
"status": "affected",
"version": "5.10.0",
"versionType": "custom"
},
{
"lessThan": "5.11.0.396",
"status": "affected",
"version": "5.11.0",
"versionType": "custom"
},
{
"lessThan": "6.0.0.232",
"status": "affected",
"version": "6.0.0",
"versionType": "custom"
},
{
"lessThan": "6.1.0.224",
"status": "affected",
"version": "6.1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Open Banking IAM",
"vendor": "WSO2",
"versions": [
{
"lessThan": "2.0.0.391",
"status": "affected",
"version": "2.0.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Identity Server as Key Manager",
"vendor": "WSO2",
"versions": [
{
"lessThan": "5.10.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "5.10.0.340",
"status": "affected",
"version": "5.10.0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Luk Luk"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An arbitrary file upload vulnerability exists in multiple WSO2 products due to improper validation of user-supplied filenames in the BPEL uploader SOAP service endpoint. A malicious actor with administrative privileges can upload arbitrary files to a user-controlled location on the server.\n\u003cbr\u003e\u003cbr\u003eBy leveraging this vulnerability, an attacker can upload a specially crafted payload and achieve remote code execution (RCE), potentially compromising the server and its data.\u003cbr\u003e"
}
],
"value": "An arbitrary file upload vulnerability exists in multiple WSO2 products due to improper validation of user-supplied filenames in the BPEL uploader SOAP service endpoint. A malicious actor with administrative privileges can upload arbitrary files to a user-controlled location on the server.\n\n\nBy leveraging this vulnerability, an attacker can upload a specially crafted payload and achieve remote code execution (RCE), potentially compromising the server and its data."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-434",
"description": "CWE-434 Unrestricted Upload of File with Dangerous Type",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-26T08:18:21.708Z",
"orgId": "ed10eef1-636d-4fbe-9993-6890dfa878f8",
"shortName": "WSO2"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-3992/"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: transparent;\"\u003eFollow the instructions given on \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-3992/#solution\"\u003e\u003cspan style=\"background-color: transparent;\"\u003ehttps://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-3992/#solution\u003c/span\u003e\u003c/a\u003e \u003cbr\u003e"
}
],
"value": "Follow the instructions given on https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-3992/#solution https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-3992/#solution"
}
],
"source": {
"advisory": "WSO2-2025-3992",
"discovery": "EXTERNAL"
},
"title": "Authenticated Arbitrary File Upload in Multiple WSO2 Products via BPEL Uploader SOAP Service Leading to Remote Code Execution",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "ed10eef1-636d-4fbe-9993-6890dfa878f8",
"assignerShortName": "WSO2",
"cveId": "CVE-2025-1862",
"datePublished": "2025-09-26T08:18:21.708Z",
"dateReserved": "2025-03-03T04:53:13.295Z",
"dateUpdated": "2025-09-29T12:38:07.003Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-1396 (GCVE-0-2025-1396)
Vulnerability from nvd – Published: 2025-09-26 07:52 – Updated: 2025-09-30 15:43
VLAI?
Summary
A username enumeration vulnerability exists in multiple WSO2 products when Multi-Attribute Login is enabled. In this configuration, the system returns a distinct "User does not exist" error message to the login form, regardless of the validate_username setting. This behavior allows malicious actors to determine which usernames exist in the system based on observable discrepancies in the application's responses.
Exploitation of this vulnerability could aid in brute-force attacks, targeted phishing campaigns, or other social engineering techniques by confirming the validity of user identifiers within the system.
Severity ?
CWE
- CWE-203 - Observable Discrepancy
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| WSO2 | WSO2 Identity Server |
Unknown:
0 , < 5.10.0
(custom)
Affected: 5.10.0 , < 5.10.0.346 (custom) Affected: 5.11.0 , < 5.11.0.395 (custom) Affected: 6.0.0 , < 6.0.0.231 (custom) Affected: 6.1.0 , < 6.1.0.223 (custom) |
||||||||||||
|
||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-1396",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-30T15:43:25.782305Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-30T15:43:31.106Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "WSO2 Identity Server",
"vendor": "WSO2",
"versions": [
{
"lessThan": "5.10.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "5.10.0.346",
"status": "affected",
"version": "5.10.0",
"versionType": "custom"
},
{
"lessThan": "5.11.0.395",
"status": "affected",
"version": "5.11.0",
"versionType": "custom"
},
{
"lessThan": "6.0.0.231",
"status": "affected",
"version": "6.0.0",
"versionType": "custom"
},
{
"lessThan": "6.1.0.223",
"status": "affected",
"version": "6.1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Open Banking IAM",
"vendor": "WSO2",
"versions": [
{
"lessThan": "2.0.0.390",
"status": "affected",
"version": "2.0.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Identity Server as Key Manager",
"vendor": "WSO2",
"versions": [
{
"lessThan": "5.10.0.339",
"status": "affected",
"version": "5.10.0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eA username enumeration vulnerability exists in multiple WSO2 products when Multi-Attribute Login is enabled. In this configuration, the system returns a distinct \"User does not exist\" error message to the login form, regardless of the validate_username setting. This behavior allows malicious actors to determine which usernames exist in the system based on observable discrepancies in the application\u0027s responses.\u003cbr\u003e\u003c/p\u003e\u003cb\u003e\u003c/b\u003e\u003cp\u003eExploitation of this vulnerability could aid in brute-force attacks, targeted phishing campaigns, or other social engineering techniques by confirming the validity of user identifiers within the system.\u003cbr\u003e\u003c/p\u003e\u003cb\u003e\u003c/b\u003e"
}
],
"value": "A username enumeration vulnerability exists in multiple WSO2 products when Multi-Attribute Login is enabled. In this configuration, the system returns a distinct \"User does not exist\" error message to the login form, regardless of the validate_username setting. This behavior allows malicious actors to determine which usernames exist in the system based on observable discrepancies in the application\u0027s responses.\n\n\nExploitation of this vulnerability could aid in brute-force attacks, targeted phishing campaigns, or other social engineering techniques by confirming the validity of user identifiers within the system."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-203",
"description": "CWE-203 Observable Discrepancy",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-26T08:19:45.872Z",
"orgId": "ed10eef1-636d-4fbe-9993-6890dfa878f8",
"shortName": "WSO2"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-3983/"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: transparent;\"\u003eFollow the instructions given on \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-3983/#solution\"\u003e\u003cspan style=\"background-color: transparent;\"\u003ehttps://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-3983/#solution\u003c/span\u003e\u003c/a\u003e \u003cbr\u003e"
}
],
"value": "Follow the instructions given on https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-3983/#solution https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-3983/#solution"
}
],
"source": {
"advisory": "WSO2-2025-3983",
"discovery": "INTERNAL"
},
"title": "Username Enumeration in Multiple WSO2 Products with Multi-Attribute Login Enabled",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "ed10eef1-636d-4fbe-9993-6890dfa878f8",
"assignerShortName": "WSO2",
"cveId": "CVE-2025-1396",
"datePublished": "2025-09-26T07:52:52.297Z",
"dateReserved": "2025-02-17T14:17:42.038Z",
"dateUpdated": "2025-09-30T15:43:31.106Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-0672 (GCVE-0-2025-0672)
Vulnerability from nvd – Published: 2025-09-23 17:30 – Updated: 2025-09-25 16:01
VLAI?
Summary
An authentication bypass vulnerability exists in multiple WSO2 products when FIDO authentication is enabled. When a user account is deleted, the system does not automatically remove associated FIDO registration data. If a new user account is later created using the same username, the system may associate the new account with the previously registered FIDO device.
This flaw may allow a previously deleted user to authenticate using their FIDO credentials and impersonate the newly created user, resulting in unauthorized access. The vulnerability applies only to deployments that utilize FIDO-based authentication.
Severity ?
CWE
- CWE-287 - Improper Authentication
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| WSO2 | WSO2 Identity Server as Key Manager |
Unknown:
0 , < 5.10.0
(custom)
Affected: 5.10.0 , < 5.10.0.338 (custom) |
||||||||||||
|
||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-0672",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-23T18:30:32.258796Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-287",
"description": "CWE-287 Improper Authentication",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-25T16:01:00.676Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "WSO2 Identity Server as Key Manager",
"vendor": "WSO2",
"versions": [
{
"lessThan": "5.10.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "5.10.0.338",
"status": "affected",
"version": "5.10.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Identity Server",
"vendor": "WSO2",
"versions": [
{
"lessThan": "5.10.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "5.10.0.345",
"status": "affected",
"version": "5.10.0",
"versionType": "custom"
},
{
"lessThan": "5.11.0.394",
"status": "affected",
"version": "5.11.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Open Banking IAM",
"vendor": "WSO2",
"versions": [
{
"lessThan": "2.0.0.389",
"status": "affected",
"version": "2.0.0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An authentication bypass vulnerability exists in multiple WSO2 products when FIDO authentication is enabled. When a user account is deleted, the system does not automatically remove associated FIDO registration data. If a new user account is later created using the same username, the system may associate the new account with the previously registered FIDO device.\u003cbr\u003e\u003cbr\u003eThis flaw may allow a previously deleted user to authenticate using their FIDO credentials and impersonate the newly created user, resulting in unauthorized access. The vulnerability applies only to deployments that utilize FIDO-based authentication.\u003cbr\u003e"
}
],
"value": "An authentication bypass vulnerability exists in multiple WSO2 products when FIDO authentication is enabled. When a user account is deleted, the system does not automatically remove associated FIDO registration data. If a new user account is later created using the same username, the system may associate the new account with the previously registered FIDO device.\n\nThis flaw may allow a previously deleted user to authenticate using their FIDO credentials and impersonate the newly created user, resulting in unauthorized access. The vulnerability applies only to deployments that utilize FIDO-based authentication."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-23T17:30:42.687Z",
"orgId": "ed10eef1-636d-4fbe-9993-6890dfa878f8",
"shortName": "WSO2"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-3134/"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: transparent;\"\u003eFollow the instructions given on \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-3134/#solution\"\u003e\u003cspan style=\"background-color: transparent;\"\u003ehttps://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-3134/#solution\u003c/span\u003e\u003c/a\u003e \u003cbr\u003e"
}
],
"value": "Follow the instructions given on https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-3134/#solution https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-3134/#solution"
}
],
"source": {
"advisory": "WSO2-2025-3134",
"discovery": "INTERNAL"
},
"title": "Authentication Bypass in Multiple WSO2 Products via Stale FIDO Credential Association",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "ed10eef1-636d-4fbe-9993-6890dfa878f8",
"assignerShortName": "WSO2",
"cveId": "CVE-2025-0672",
"datePublished": "2025-09-23T17:30:42.687Z",
"dateReserved": "2025-01-23T13:38:31.988Z",
"dateUpdated": "2025-09-25T16:01:00.676Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}