Api Manager Security Vulnerabilities and Issues — Api Manager CVE List

Lucene search

Wso2Api Manager

4 matches found

CVE•added 2022/05/11 6:15 p.m.•1594 views

CVE-2021-42646

XML External Entity (XXE) vulnerability in the file based service provider creation feature of the Management Console in WSO2 API Manager 2.6.0, 3.0.0, 3.1.0, 3.2.0, and 4.0.0; and WSO2 IS as Key Manager 5.7.0, 5.9.0, and 5.10.0; and WSO2 Identity Server 5.7.0, 5.8.0, 5.9.0, 5.10.0, and 5.11.0. All...

9.1CVSS9AI score0.01274EPSS

CVE•added 2020/08/21 8:15 p.m.•75 views

CVE-2020-24589

The Management Console in WSO2 API Manager through 3.1.0 and API Microgateway 2.2.0 allows XML External Entity injection (XXE) attacks.

9.1CVSS9.3AI score0.89204EPSS

CVE•added 2020/08/21 8:15 p.m.•75 views

CVE-2020-24590

The Management Console in WSO2 API Manager through 3.1.0 and API Microgateway 2.2.0 allows XML Entity Expansion attacks.

9.1CVSS9.2AI score0.00562EPSS

CVE•added 2020/05/20 12:15 p.m.•49 views

CVE-2020-13226

WSO2 API Manager 3.0.0 does not properly restrict outbound network access from a Publisher node, opening up the possibility of SSRF to this node's entire intranet.

9.8CVSS9.3AI score0.00704EPSS