Vulnerability CVE-2017-14995
Published: 2017-10-03   Modified: 2017-10-04

Description:
The Management Console in WSO2 Application Server 5.3.0, WSO2 Business Process Server 3.6.0, WSO2 Business Rules Server 2.2.0, WSO2 Complex Event Processor 4.2.0, WSO2 Dashboard Server 2.0.0, WSO2 Data Analytics Server 3.1.0, WSO2 Data Services Server 3.5.1, and WSO2 Machine Learner 1.2.0 is affected by stored XSS.

CVSS2 => (AV:N/AC:M/Au:N/C:N/I:P/A:N)

CVSS Base Score
Impact Subscore
Exploitability Subscore
4.3/10
2.9/10
8.6/10
Exploit range
Attack complexity
Authentication
Remote
Medium
No required
Confidentiality impact
Integrity impact
Availability impact
None
Partial
None
Affected software
WSO2 -> Application server 
WSO2 -> Business process server 
WSO2 -> Business rules server 
WSO2 -> Complex event processor 
WSO2 -> Dashboard server 
WSO2 -> Data analytics server 
WSO2 -> Data services server 
WSO2 -> Machine learner 

 References:
https://docs.wso2.com/display/Security/Security+Advisory+WSO2-2017-0257
Copyright 2024, cxsecurity.com

 

Back to Top