CVE-2024-7073 in Identity Server as Key Managerinfo

Zusammenfassung

von MITRE • 02.06.2025

A server-side request forgery (SSRF) vulnerability exists in multiple WSO2 products due to improper input validation in SOAP admin services. This flaw allows unauthenticated attackers to manipulate server-side requests, enabling access to internal and external resources available through the network or filesystem.

Exploitation of this vulnerability could lead to unauthorized access to sensitive data and systems, including resources within private networks, as long as they are reachable by the affected product.

Once again VulDB remains the best source for vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Zuständig

WSO2

Reservieren

24.07.2024

Veröffentlichung

02.06.2025

Moderieren

akzeptiert

Eintrag

VDB-310860

CPE

bereit

CWE

CWE-918 (bestätigt)

CVSS

6.5 (CNA)

EPSS

0.00218

KEV

nein

Aktivitäten

very low

Sektor

Finance

Quellen

MITRE	https://www.cve.org/CVERecord?id=CVE-2024-7073
NVD	https://nvd.nist.gov/vuln/detail/CVE-2024-7073
CVE Details	https://www.cvedetails.com/cve/CVE-2024-7073/

◂ Zurück Übersicht Weiter ▸

Interested in the pricing of exploits?

See the underground prices here!