RSS   Vulnerabilities for 'Api microgateway'   RSS

2020-08-21
 
CVE-2020-24590

CWE-776
 

 
The Management Console in WSO2 API Manager through 3.1.0 and API Microgateway 2.2.0 allows XML Entity Expansion attacks.

 
 
CVE-2020-24589

CWE-776
 

 
The Management Console in WSO2 API Manager through 3.1.0 and API Microgateway 2.2.0 allows XML External Entity injection (XXE) attacks.

 
2020-06-06
 
CVE-2020-13883

CWE-611
 

 
In WSO2 API Manager 3.0.0 and earlier, WSO2 API Microgateway 2.2.0, and WSO2 IS as Key Manager 5.9.0 and earlier, Management Console allows XXE during addition or update of a Lifecycle.

 
2020-05-08
 
CVE-2020-12719

CWE-611
 

 
XXE during an EventPublisher update can occur in Management Console in WSO2 API Manager 3.0.0 and earlier, API Manager Analytics 2.5.0 and earlier, API Microgateway 2.2.0, Enterprise Integrator 6.4.0 and earlier, IS as Key Manager 5.9.0 and earlier, Identity Server 5.9.0 and earlier, and Identity Server Analytics 5.6.0 and earlier.

 

 >>> Vendor: WSO2 24 Products
Carbon
Enablement server for java
Identity server
Storage server
Data analytics server
Iot server
Enterprise integrator
Business rules server
Api manager
Business process server
Dashboard server
Message broker
Enterprise mobility manager
Application server
Data services server
Complex event processor
Governance registry
App manager
Machine learner
Identity server as key manager
Api manager analytics
Api microgateway
Identity server analytics
Api microgatewa


Copyright 2020, cxsecurity.com

 

Back to Top