Known Vulnerabilities for Identity Server As Key Manager by Wso2
Listed below are 10 of the newest known vulnerabilities associated with "Identity Server As Key Manager" by "Wso2".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2023-6837 json | 8.2 - HIGH | 2023-12-15 | 2024-01-05 | |
| CVE-2022-29548 json | A reflected XSS issue exists in the Management Console of several WSO2 products. This affects API Manager 2.2.0, 2.5.0, 2.6.0... | 6.1 - MEDIUM | 2022-04-21 | 2023-11-03 |
| CVE-2022-29464 json | Certain WSO2 products allow unrestricted file upload with resultant remote code execution. The attacker must use a /fileuploa... | 9.8 - CRITICAL | 2022-04-18 | 2023-10-23 |
| CVE-2021-42646 json | XML External Entity (XXE) vulnerability in the file based service provider creation feature of the Management Console in WSO2... | 9.1 - CRITICAL | 2022-05-11 | 2024-01-11 |
| CVE-2021-36760 json | In accountrecoveryendpoint/recoverpassword.do in WSO2 Identity Server 5.7.0, it is possible to perform a DOM-Based XSS attack... | 6.1 - MEDIUM | 2021-12-07 | 2021-12-09 |
| CVE-2020-24706 json | An issue was discovered in certain WSO2 products. The Try It tool allows Reflected XSS. This affects API Manager through 3.1.... | 6.1 - MEDIUM | 2020-08-27 | 2024-01-09 |
| CVE-2020-24705 json | An issue was discovered in certain WSO2 products. A valid Carbon Management Console session cookie may be sent to an attacker... | 8.8 - HIGH | 2020-08-27 | 2024-01-11 |
| CVE-2020-24704 json | An issue was discovered in certain WSO2 products. The Try It tool allows Reflected XSS. This affects API Manager 2.2.0, API M... | 6.1 - MEDIUM | 2020-08-27 | 2024-01-11 |
| CVE-2020-24703 json | An issue was discovered in certain WSO2 products. A valid Carbon Management Console session cookie may be sent to an attacker... | 8.8 - HIGH | 2020-08-27 | 2024-01-11 |
| CVE-2020-17453 json | WSO2 Management Console through 5.10 allows XSS via the carbon/admin/login.jsp msgId parameter. | 6.1 - MEDIUM | 2021-04-05 | 2024-01-11 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Wso2 | Identity Server As Key Manager | 5.9.0 | |||
| Application | Wso2 | Identity Server As Key Manager | 5.8.0 | |||
| Application | Wso2 | Identity Server As Key Manager | 5.7.0 | |||
| Application | Wso2 | Identity Server As Key Manager | 5.6.0 | |||
| Application | Wso2 | Identity Server As Key Manager | 5.5.0 | |||
| Application | Wso2 | Identity Server As Key Manager | 5.4.1 | |||
| Application | Wso2 | Identity Server As Key Manager | 5.4.0 | |||
| Application | Wso2 | Identity Server As Key Manager | 5.3.0 | |||
| Application | Wso2 | Identity Server As Key Manager | 5.2.0 | |||
| Application | Wso2 | Identity Server As Key Manager | 5.10.0 | |||
| Application | Wso2 | Identity Server As Key Manager | 5.1.0 | |||
| Application | Wso2 | Identity Server As Key Manager | 5.0.0 |