CVE-2022-29464

CVE Published 2022-04-18
Related CWE(s) CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Related Vendor(s) wso2
Related Product(s) enterprise_integrator, identity_server_analytics, api_manager, identity_server, open_banking_am, identity_server_as_key_manager, open_banking_iam, open_banking_km
Exploitation Reported (CISA KEV) 2022-04-25
CVSS 3 Base Score 9.8 (CRITICAL)
CVSS 3 Attack Complexity LOW
CVSS 3 Attack Vector NETWORK

Certain WSO2 products allow unrestricted file upload with resultant remote code execution. The attacker must use a /fileupload endpoint with a Content-Disposition directory traversal sequence to reach a directory under the web root, such as a ../../../../repository/deployment/server/webapps directory. This affects WSO2 API Manager 2.2.0 up to 4.0.0, WSO2 Identity Server 5.2.0 up to 5.11.0, WSO2 Identity Server Analytics 5.4.0, 5.4.1, 5.5.0 and 5.6.0, WSO2 Identity Server as Key Manager 5.3.0 up to 5.11.0, WSO2 Enterprise Integrator 6.2.0 up to 6.6.0, WSO2 Open Banking AM 1.4.0 up to 2.0.0 and WSO2 Open Banking KM 1.4.0, up to 2.0.0.

Cyber Threat Graph Context

Explore how this CVE relates to the wider threat graph

Associated CAPEC Patterns

References