Filtered by vendor Wso2
Subscriptions
Filtered by product Wso2 Universal Gateway
Subscriptions
Total
2 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-6670 | 1 Wso2 | 10 Org.wso2.carbon Org.wso2.carbon.ui, Wso2 Api Control Plane, Wso2 Api Manager and 7 more | 2025-11-18 | 8.8 High |
| A Cross-Site Request Forgery (CSRF) vulnerability exists in multiple WSO2 products due to the use of the HTTP GET method for state-changing operations within admin services, specifically in the event processor of the Carbon console. Although the SameSite=Lax cookie attribute is used as a mitigation, it is ineffective in this context because it allows cookies to be sent with cross-origin top-level navigations using GET requests. A malicious actor can exploit this vulnerability by tricking an authenticated user into visiting a crafted link, leading the browser to issue unintended state-changing requests. Successful exploitation could result in unauthorized operations such as data modification, account changes, or other administrative actions. According to WSO2 Secure Production Guidelines, exposure of Carbon console services to untrusted networks is discouraged, which may reduce the impact in properly secured deployments. | ||||
| CVE-2025-9312 | 1 Wso2 | 10 Org.wso2.carbon.identity.auth.service, Wso2 Api Control Plane, Wso2 Api Manager and 7 more | 2025-11-18 | 9.8 Critical |
| A missing authentication enforcement vulnerability exists in the mutual TLS (mTLS) implementation used by System REST APIs and SOAP services in multiple WSO2 products. Due to improper validation of client certificate–based authentication in certain default configurations, the affected components may permit unauthenticated requests even when mTLS is enabled. This condition occurs when relying on the default mTLS settings for System REST APIs or when the mTLS authenticator is enabled for SOAP services, causing these interfaces to accept requests without enforcing additional authentication. Successful exploitation allows a malicious actor with network access to the affected endpoints to gain administrative privileges and perform unauthorized operations. The vulnerability is exploitable only when the impacted mTLS flows are enabled and accessible in a given deployment. Other certificate-based authentication mechanisms—such as Mutual TLS OAuth client authentication and X.509 login flows—are not affected, and APIs served through the API Gateway of WSO2 API Manager remain unaffected. | ||||
Page 1 of 1.