Identity Server As Key Manager Security Vulnerabilities and Issues — Identity Server As Key Manager CVE List

Lucene search

Wso2Identity Server As Key Manager

4 matches found

CVE•added 2020/06/06 7:15 p.m.•88 views

CVE-2020-13883

In WSO2 API Manager 3.0.0 and earlier, WSO2 API Microgateway 2.2.0, and WSO2 IS as Key Manager 5.9.0 and earlier, Management Console allows XXE during addition or update of a Lifecycle.

6.7CVSS6.5AI score0.00279EPSS

CVE•added 2020/06/18 6:15 p.m.•31 views

CVE-2020-14446

An issue was discovered in WSO2 Identity Server through 5.10.0 and WSO2 IS as Key Manager through 5.10.0. An open redirect exists.

6.1CVSS6.2AI score0.00147EPSS

CVE•added 2020/06/18 6:15 p.m.•30 views

CVE-2020-14444

An issue was discovered in WSO2 Identity Server through 5.9.0 and WSO2 IS as Key Manager through 5.9.0. A potential Reflected Cross-Site Scripting (XSS) vulnerability has been identified in the Management Console Policy Administration user interface.

5.4CVSS5.2AI score0.00217EPSS

CVE•added 2020/06/18 6:15 p.m.•28 views

CVE-2020-14445

5.4CVSS5.2AI score0.00217EPSS